Sanitize a PHP string for input into a Database


/ Published in: PHP



  1. function sanitize_sql_string($string, $min='', $max='')
  2. {
  3. $pattern[0] = '/(\\\\)/';
  4. $pattern[1] = "/\"/";
  5. $pattern[2] = "/'/";
  6. $replacement[0] = '\\\\\\';
  7. $replacement[1] = '\"';
  8. $replacement[2] = "\\'";
  9. $len = strlen($string);
  10. if((($min != '') && ($len < $min)) || (($max != '') && ($len > $max)))
  11. return FALSE;
  12. return preg_replace($pattern, $replacement, $string);
  13. }
  14. //usage
  15. //sanitize_sql_string($an_unsafe_string);
