advanced code snippet search

Posted By

pgmr on 03/19/09


Tagged

js sql php function injection clean sanitize xss


Versions (?)

Who likes this?

14 people have marked this snippet as a favorite

pgmr
lajevardi
rezzz
fruehjahr
pster
matthall
nb109
ninjacharlee
melihbuyuk
chopstik
wirenaught
robfahy
ringo380
clacwebstudio


Universal clean function - Protects against SQL, XSS, and JS injections

 / Published in: PHP
 

URL: http://www.pgmr.co.uk

This function protects against SQL, XSS, JS injections all in one function!

Expand | Embed | Plain Text 
  1. <?php
  2.  
  3. /**
  4.  * Cleaning Input Script
  5.  * Copyright 2009 - www.pgmr.co.uk - [email protected]
  6.  */
  7.  
  8. function clean($str) {
  9. 	if(!get_magic_quotes_gpc()) {
  10.     	$str = addslashes($str);
  11.     }
  12. 	$str = strip_tags(htmlspecialchars($str));
  13. 	return $str;
  14. }
  15.  
  16. ?>

Report this snippet  

Comments

RSS Icon Subscribe to comments
Posted By: pgmr on March 19, 2009

www.pgmr.co.uk ;)

Posted By: Vordreller on March 22, 2009

I see no method implemented to clear hexadecimal notations.

check this function: rawurldecode

Posted By: pgmr on March 25, 2009

This isn't mean for just URL's. It's meant for cleaning just any random input.

You need to login to post a comment.