Jump to content

Sanitizing Input


Go to solution Solved by EmmanuelP89,

Recommended Posts

Hi i'm fairly new to PHP and have been going through Learning PHP, MySQL, Javascript and CSS by Robin Nixon 2nd edition and found the following problem in the following example that I could not figure out.
I would appreciate any help to fixing it. Thanks
 
 
 
<!DOCTYPE html>
<!--
To change this license header, choose License Headers in Project Properties.
To change this template file, choose Tools | Templates
and open the template in the editor.
-->
<html>
    <head>
        <meta charset="UTF-8">
        <title></title>
    </head>
    <body>
        <?php
            /* 
             * 
             */
        
        $f = $c = "";
        
        if (isset($_POST['f'])) 
        {
            $f = sanitizeString($_POST['f']);
        }
        if (isset($_POST['c'])) 
        {
            $c = sanitizeString($_POST['c']);
        }
 
        // degree symbol done by alt + 0176
        if ($f != '')
        {
            $c = intval((5 / 9) * ($f - 32));
            $out = "$f °f equals $c °c";
        }
        elseif($c != '')
        {
            $f = intval((9 / 5) * $c + 32);
            $out = "$c °c equals $f °f";
        }
        else 
        {
            $out = "";
        }
        
        echo <<<_END
        <html>
            <head>
                <title>Temprature Converter</title>
            </head>
            <body>
                <pre>
            Enter either Fahrenheit or Celsius and click Convert
                
            <b>$out</b>
            <form method="post" action="convert.php">
            Fahrenheit  <input type="text" name="f" size="7" />
               Celsius  <input type="text" name="c" size="7" />
                        <input type="submit" value="Convert" />
            </form>    
                </pre>
            </body>
        </html>
_END;
        
        function sanitizeString($var)
        {
            $var = stripslashes($var);
            $var = htmlentitites($var);
            $var = strip_tags($var);
            return $var;
        }
        
        ?>
    </body>
</html>
 
 
*****************************************************************************************************
 
This is what happens after running the converter
 
 
( ! ) Fatal error: Call to undefined function htmlentitites() in C:\wamp\www\Chapter10\Chapter11\convert.php on line 68 Call Stack # Time Memory Function Location 1 0.0004 260784 {main}( ) ..\convert.php:0 2 0.0004 261616 sanitizeString( ) ..\convert.php:22
 

 

Link to comment
https://forums.phpfreaks.com/topic/286297-sanitizing-input/
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.