Solved

Clean up registration and login names etc before inputting in mysql

Posted on 2011-09-24
Last Modified: 2013-12-13
Hi,
I am trying to clean up my html form inputs before they hit mysql.
Is this possible as I've shown below? (It's not currently working?)
If it will work have I missed anything?
Thanks

$username=  sanitise($_POST['username']);



function sanitise($string) {
  $string = trim($string);
  $string = htmlentities($string);
  $string = strip_tags($string);
  $string = mysqli_real_escape_string($string);
  
  return $string;
}


Question by:encodeme
3 Comments
 
LVL 110

Accepted Solution

by:
Ray Paseur earned 70 total points
ID: 36592518
PHP has built-in functions for this.  Look up filter_var() to learn more.  You will still need to use the escape_string functions.
0
 
LVL 9

Assisted Solution

by:ghodder
ghodder earned 55 total points
ID: 36592528
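// The procedural mysqli_real_escape_string() takes the open connection as its first argument.
function sanitise($link, $string) {
  return mysqli_real_escape_string($link, trim(htmlentities(strip_tags($string))));
}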


0
 

Author Closing Comment

by:encodeme
ID: 36592693
H'm I didn't know those functions existed.

I appreciate the code tweaks... never thought of doing it inline.

thanks
0
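
Added example, not part of the thread and not any poster's code: the validate-then-escape approach from the accepted answer (filter_var() plus the escape_string step), together with the effect of call order in the two sanitise() versions above. The username rule, the helper names and the sample inputs are assumptions constructed for illustration.

```php
<?php
// Added example; the field rules below are assumptions, not from the thread.

// Validate first: accept only 3-20 letters, digits or underscores.
function validate_username(string $raw): ?string {
    $name = trim($raw);
    $ok = filter_var($name, FILTER_VALIDATE_REGEXP,
        ['options' => ['regexp' => '/^[A-Za-z0-9_]{3,20}$/']]);
    return $ok === false ? null : $name;
}

// FILTER_VALIDATE_EMAIL returns the address, or false if it is malformed.
function validate_email(string $raw): ?string {
    $email = filter_var(trim($raw), FILTER_VALIDATE_EMAIL);
    return $email === false ? null : $email;
}

// Escape at the point of building the query. The procedural mysqli call
// takes the open connection as its first argument.
function escape_for_mysql(mysqli $link, string $value): string {
    return mysqli_real_escape_string($link, $value);
}

// Encode for HTML only when echoing a value back into a page,
// not before storing it.
function html_out(string $value): string {
    return htmlentities($value, ENT_QUOTES, 'UTF-8');
}

// Constructed sample input standing in for $_POST.
$samples = [
    ['username' => '  alice_01 ', 'email' => 'alice@example.com'],
    ['username' => "o'brien",     'email' => 'not-an-email'],
    ['username' => '<b>carol</b>', 'email' => 'carol@example.org'],
];

foreach ($samples as $post) {
    $user  = validate_username($post['username']);
    $email = validate_email($post['email']);
    printf("%s => username %s, email %s\n",
        json_encode($post['username']),
        $user === null ? 'rejected' : 'accepted',
        $email === null ? 'rejected' : 'accepted');
}

// Order matters in sanitise(): once htmlentities() has encoded the angle
// brackets, strip_tags() has no tags left to remove.
$raw = '<b>carol</b>';
var_dump(strip_tags(htmlentities($raw)) === htmlentities($raw));
var_dump(htmlentities(strip_tags($raw)) === 'carol');
```

escape_for_mysql() is not called here because it needs a live connection; pass it the handle returned by mysqli_connect() when building the query.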
