clean user input data ( GET, POST, COOKIE )


 / Published in: PHP
 

URL: http://www.meelsonwheels.com

Created for my own purposes, thought I'd share though ;)

copy paste at the top of your file and it does the magic :)

  1. <?php
  2.  
  3. function clean($value)
  4. {
  5. if (get_magic_quotes_gpc()) $value = stripslashes($value);
  6.  
  7. if (!is_numeric($value)) $value = mysql_real_escape_string($value);
  8.  
  9. return $value;
  10. }
  11.  
  12. array_walk($_GET,'clean');
  13. array_walk($_POST,'clean');
  14. array_walk($_COOKIE,'clean');
  15.  
  16. extract($_GET,EXTR_PREFIX_ALL,'get');
  17. extract($_POST,EXTR_PREFIX_ALL,'post');
  18. extract($_COOKIE,EXTR_PREFIX_ALL,'cookie');
  19.  
  20. ?>

Report this snippet  

Comments

RSS Icon Subscribe to comments
Posted By: oakim on July 6, 2009

What do the extract rows do?

Posted By: jcrooke on August 5, 2009

This won't work if you use arrays in your forms, i.e.;

Orange Lemon Pear

You need to introduce a line to check if the $value is an array, e.g;

if(is_array($value))

Posted By: jcrooke on August 5, 2009

sorry, that should have read;

<input type="checkbox" name="fruits[]" value="orange" /> Orange <input type="checkbox" name="fruits[]" value="lemon" /> Lemon <input type="checkbox" name="fruits[]" value="pear" /> Pear

The tags were stripped

You need to login to post a comment.