advanced code snippet search

Posted By

lajevardi on 02/28/09


Tagged

database sql oop injection security


Versions (?)

Who likes this?

4 people have marked this snippet as a favorite

lajevardi
jfherring
pezland
vali29


Method to prevent SQL Injection attacks.

 / Published in: PHP
 

This is a method of my database class which let me sift the unsafe data inputs down.

Expand | Embed | Plain Text 
  1. public function siftDown($dataStack){
  2. 		if(!is_array($dataStack)){
  3. 			$dataStack = ereg_replace("[\'\")(;|`,<>]","",$dataStack);
  4. 			$dataStack = mysql_real_escape_string(trim($dataStack),$this->connection);
  5. 			$dataStack = stripslashes($dataStack);
  6. 			return $dataStack;
  7. 			}
  8. 		$safeData = array();
  9. 		foreach($dataStack as $p=>$data){
  10. 					$data = ereg_replace("[\'\")(;|`,<>]","",$data);
  11. 					$data = mysql_real_escape_string(trim($data),$this->connection);
  12. 					$data = stripslashes($data);
  13. 					$safeData[$p] = $data;
  14. 					}
  15. 		return $safeData;
  16. 		}

Report this snippet  

You need to login to post a comment.