This is my function for sanitizing data before I insert it into my database. It handles single variables, single dimensional arrays, and multi-dimensional arrays(recursive). It sanitizes numeric data(detects if int or float), checks for html tags in the posted data and makes it safe for storage(I store html and code snippets in my db). It checks for magic quotes and determines if mysqlrealescapestring function exists and if it doesnt mysqlescape_string is used (for older versions of php).
You need to login to post a comment.