bamfon Posted June 29, 2013 Share Posted June 29, 2013 Well I am now getting around to updating some of the CMS that I have done, and I wanted to know whats the thoughts on the user filtering below. Is there anything I could do to make it better or would it do its job fine as it is and no need to update? <?php //cleaning the user inputing anit Sql attack function nice_escape($unescapedString) { if (get_magic_quotes_gpc()) { $unescapedString = stripslashes($unescapedString); } $unescapedString=strip_tags($unescapedString); $semiEscapedString = mysqli_real_escape_string($unescapedString); $escapedString = addcslashes($semiEscapedString, "%_"); return $escapedString; } function nice_output($escapedString) { $patterns = array(); $patterns[0] = '/\\\%/'; $patterns[1] = '/\\\_/'; $replacements = array(); $replacements[0] = '%'; $replacements[1] = '_'; $output = preg_replace($patterns, $replacements, $escapedString); return $output; } function cleanup($string) { $out = nice_output(nice_escape($string)); return $out; } ?> Link to comment https://forums.phpfreaks.com/topic/279687-user-filtering/ Share on other sites More sharing options...
Strider64 Posted June 29, 2013 Share Posted June 29, 2013 magic quotes, run for the hills..... Link to comment https://forums.phpfreaks.com/topic/279687-user-filtering/#findComment-1438504 Share on other sites More sharing options...
bamfon Posted June 29, 2013 Author Share Posted June 29, 2013 magic quotes, run for the hills..... If you looked at the coding all its doing is checking if its on and then running "stripslashes" if its on, I turn it off, but other that may use my CMS might not. Link to comment https://forums.phpfreaks.com/topic/279687-user-filtering/#findComment-1438535 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.