Posted By

nielsenrc on 03/18/11


Tagged


Versions (?)

Who likes this?

11 people have marked this snippet as a favorite

cplusplus
o0110o
mikael12
dsoms
kerwinmuriel
notturnale
czehner
gecko666
Hammersholt
Priestd09
Kwasi


PHP Functions to Clean User Input


 / Published in: PHP
 

URL: http://css-tricks.com/snippets/php/sanitize-database-inputs/

  1. <?php
  2. function cleanInput($input) {
  3.  
  4. $search = array(
  5. '@<script[^>]*?>.*?</script>@si', // Strip out javascript
  6. '@<[\/\!]*?[^<>]*?>@si', // Strip out HTML tags
  7. '@<style[^>]*?>.*?</style>@siU', // Strip style tags properly
  8. '@<![\s\S]*?--[ \t\n\r]*>@' // Strip multi-line comments
  9. );
  10.  
  11. $output = preg_replace($search, '', $input);
  12. return $output;
  13. }
  14. ?>
  15. <?php
  16. function sanitize($input) {
  17. if (is_array($input)) {
  18. foreach($input as $var=>$val) {
  19. $output[$var] = sanitize($val);
  20. }
  21. }
  22. else {
  23. $input = stripslashes($input);
  24. }
  25. $input = cleanInput($input);
  26. $output = mysql_real_escape_string($input);
  27. }
  28. return $output;
  29. }
  30. ?>

Report this snippet  

You need to login to post a comment.