Results 1 to 2 of 2
  1. 03-10-2007, 07:38 PM #1
    Eccentric
    Eccentric is offline Banned
    Join Date
    Jul 2007
    Location
    Swindon
    Posts
    990
    Tokens
    125

    Default Will this work - php

    PHP Code:
    function clean($str)
    {
    $cleaned strip_tags(htmlspecialchars(addslashes(stripslashes(htmlentities(mysql_real_escape_string(fix_magic_quotes$str )))))));

    return     $cleaned;
    a quick clean() function to stop $_Post and $_Get attacks

    Edit: Now removed fix_magic_quotes as its not needed that im aware of.
    PHP Code:
    function clean($str)
    {
    $cleaned strip_tags(htmlspecialchars(addslashes(stripslashes(htmlentities(mysql_real_escape_string$str ))))));

    return     $cleaned;
    any more security needed tbh?
    Last edited by Eccentric; 03-10-2007 at 07:47 PM.
    Reply With Quote Reply With Quote
  2. 04-10-2007, 11:43 AM #2
    RichardKnox
    RichardKnox is offline Greater Member
    Join Date
    Jul 2007
    Location
    Scotland
    Posts
    529
    Tokens
    0

    Default

    Why addslashes then stripslashes? Remove the stripslashes if it is to clean input. Remove addslashes if it is to clean output.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules