php, security, snippet

Securing User Input in PHP

April 21, 2008 2 comments

In nearly all of my PHP tutorials you’ll see me using the secure function to sanitise incoming user data from things like forms, and $_GETs . Its a small function, which no doubt alot of you already have, but here it is anyway.

function secure($string) {
		$string = strip_tags($string);
		$string = htmlspecialchars($string);
		$string = trim($string);
		$string = stripslashes($string);
		$string = mysql_real_escape_string($string);…
Continue Reading