/ Published in: PHP
This is a simple function that sanitizes the data before sending it to MySQL. First it removes whitespaces from the beginning and ending of the string. If magic_quotes_gpc is enabled and the data has been already escaped we will apply stripslashes() to the data. This way the data won’t be escaped twice when mysql_real_escape_string() is called.
Example:
$username = sanitize($_POST['username']);
$password = sanitize($_POST['password']);
Example:
$username = sanitize($_POST['username']);
$password = sanitize($_POST['password']);
Expand |
Embed | Plain Text
Copy this code and paste it in your HTML
1. function sanitize($data) 2. { 3. // remove whitespaces (not a must though) 5. 6. // apply stripslashes if magic_quotes_gpc is enabled 8. { 10. } 11. 12. // a mySQL connection is required before using this function 14. 15. return $data; 16. }