By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
437,713 Members | 2,012 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 437,713 IT Pros & Developers. It's quick & easy.

parse user input

P: n/a
Ben
Hey all,
I've been wondering what you can do to make user inputted text safe for
input to a database, which will then be echoed back to a browser at
some point. Currently I'm running it through the following functions:
nl2br, htmlentities and stripslashes (if magic quotes is off). Is there
anything else I should test for before inserting into my table?
Ben.

Jul 17 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
Nel
"Ben" <no**@none.com> wrote in message
news:40*********************@mercury.nildram.net.. .
Hey all,
I've been wondering what you can do to make user inputted text safe for
input to a database, which will then be echoed back to a browser at
some point. Currently I'm running it through the following functions:
nl2br, htmlentities and stripslashes (if magic quotes is off). Is there
anything else I should test for before inserting into my table?
Ben.


$text =
addslashes(htmlspecialchars(strip_tags(trim(chop($ text))),ENT_QUOTES));

Nel

Jul 17 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.