MemphiS Posted July 22, 2007 Share Posted July 22, 2007 I have a forum which i made and i wish to check the input to stop any SQL injections being made. IN the db i have the column set to TEXT. How can i make sure that what the user inputs is safe... i know i could ereg or ctype it but if i write the text then press enter it doesnt allow it. Without the enter it works fine but with a enter space it doesnt... Quote Link to comment Share on other sites More sharing options...
redarrow Posted July 22, 2007 Share Posted July 22, 2007 try nltbr() function Quote Link to comment Share on other sites More sharing options...
MemphiS Posted July 22, 2007 Author Share Posted July 22, 2007 Hmm that should work.. ahh so many php functions i dont know about Quote Link to comment Share on other sites More sharing options...
redarrow Posted July 22, 2007 Share Posted July 22, 2007 nl2br() http://uk2.php.net/nl2br sorry wrong syntex Quote Link to comment Share on other sites More sharing options...
MemphiS Posted July 22, 2007 Author Share Posted July 22, 2007 hmm i was thinking along the lines of something like: <?php $text = $_POST['text']; if (!nltbr(!ctype_alpha($text))){ echo "Bad data entered"; }else{ echo "good data"; } ?> no problem redarrow i found it Quote Link to comment Share on other sites More sharing options...
redarrow Posted July 22, 2007 Share Posted July 22, 2007 should work m8 Quote Link to comment Share on other sites More sharing options...
MemphiS Posted July 23, 2007 Author Share Posted July 23, 2007 Hmm Didnt work... Anyone else have an idea? Quote Link to comment Share on other sites More sharing options...
MemphiS Posted July 23, 2007 Author Share Posted July 23, 2007 bumP Quote Link to comment Share on other sites More sharing options...
MemphiS Posted July 23, 2007 Author Share Posted July 23, 2007 ,... Quote Link to comment Share on other sites More sharing options...
MemphiS Posted July 23, 2007 Author Share Posted July 23, 2007 ??? Quote Link to comment Share on other sites More sharing options...
redarrow Posted July 23, 2007 Share Posted July 23, 2007 try <?php $text = $_POST['text']; if (nltbr(!ctype_alpha($text))){ echo "Bad data entered"; }else{ echo "good data"; } ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.