Advanced Search

Clean array for Posting / SQL injection protection

/ Published in: PHP
Save to your folder(s)
Need a function to clean your _POST array before inserting into a database? Just pass $_POST to this function.

Expand | Embed | Plain Text

Copy this code and paste it in your HTML 
  1. function clean_array_for_post($post) {
  2.         foreach($post as $key => $value) {
  3.             // stripslashes, we don't want to rely on magic quotes
  4.             if(get_magic_quotes_gpc()) {
  5.                 $post[$key] = stripslashes($value);
  6.             }
  7.             // quote if not a number
  8.             if(!is_numeric($value)) {
  9.                 $post[$key] = mysql_real_escape_string($value);
  10.             }
  11.         }
  12.         return $post;
  13.     }

Report this snippet


Comments

RSS Icon Subscribe to comments

You need to login to post a comment.