When submitting a form you should always check its submitted values, even if it's not affecting a database, as it is good practice. I've got a simple PHP function that I've been using for the last 3 years and thought it was about time to post it up.
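```php
// Function to sanitize values received from the form. Prevents SQL injection
// by escaping the value for use inside a quoted string in a MySQL query.
// Needs an open mysql_connect() link; the mysql_* functions were removed in PHP 7.0.
function cleanString($string) {
    // Remove HTML and PHP tags from the submitted value
    $strtags = strip_tags($string);
    if (get_magic_quotes_gpc()) {
        // Magic quotes already added slashes: undo them so the value is not
        // escaped twice (get_magic_quotes_gpc() was removed in PHP 8.0)
        $stripped = stripslashes($strtags);
        $passed = mysql_real_escape_string($stripped);
    } else {
        $passed = mysql_real_escape_string($strtags);
    }
    return $passed;
}
```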
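Escaping like this only protects a value that ends up inside quotes in the query. The following is an added example, not code from the original post: it shows an escaped value in an unquoted numeric position next to the same lookup done with type validation and a bound parameter. It assumes PHP 8 with the PDO SQLite driver so it runs without a MySQL server; `cleanStringLike()`, `findUserName()`, the `users` table and the form value are constructed for the illustration.

```php
<?php
// In-memory SQLite database with constructed sample rows.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");

// Hypothetical stand-in for cleanString(): strip tags, then escape quotes the
// way SQLite expects (doubling them) in place of mysql_real_escape_string().
function cleanStringLike(string $value): string {
    return str_replace("'", "''", strip_tags($value));
}

// Validate the type first, then bind the value instead of concatenating it.
function findUserName(PDO $db, string $rawId): ?string {
    $id = filter_var($rawId, FILTER_VALIDATE_INT);
    if ($id === false) {
        return null; // not an integer: reject it rather than trying to clean it
    }
    $stmt = $db->prepare('SELECT name FROM users WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $name = $stmt->fetchColumn();
    return $name === false ? null : $name;
}

// Constructed form value: no quotes and no tags, so escaping leaves it unchanged.
$submittedId = '1 OR 1=1';

// Escaped value concatenated into an unquoted numeric context: the WHERE
// clause is rewritten by the input and no longer filters on a single id.
$sql = 'SELECT name FROM users WHERE id = ' . cleanStringLike($submittedId);
$rows = $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
echo 'Concatenated query matched ', count($rows), " row(s)\n";

// The same value through validation and a bound parameter is rejected.
var_dump(findUserName($db, $submittedId));

// A well-formed id is looked up normally; HTML escaping happens at output
// time with htmlspecialchars(), not when the value is stored or queried.
$name = findUserName($db, '2');
echo htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8'), "\n";
```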
