• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 288
  • Last Modified:

Clean up registration and login names etc before inputting in mysql

Hi,
I am trying to clean up my html form inputs before they hit mysql.
Is this possible as I've shown below? (It's not currently working?)
If it will work have I missed anything?
Thanks

$username=  sanitise($_POST['username']);

Open in new window


function sanitise($string) {
  $string = trim($string);
  $string = htmlentities($string);
  $string = strip_tags($string);
  $string = mysqli_real_escape_string($string);
  
  return $string;
}

Open in new window

0
encodeme
Asked:
encodeme
2 Solutions
 
Ray PaseurCommented:
PHP has built-in functions for this.  Look up filter_var() to learn more.  You will still need to use the escape_string functions.
0
 
ghodderCommented:
function sanitise($string) {
  return mysqli_real_escape_string(trim(htmlentities(strip_tags($string))));
}

Open in new window

0
 
encodemeAuthor Commented:
H'm I didn't know those functions existed.

I appreciate the code tweaks... never thought of doing it inline.

thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now