parse user input

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Ben
    #1

    parse user input

    Hey all,
    I've been wondering what you can do to make user inputted text safe for
    input to a database, which will then be echoed back to a browser at
    some point. Currently I'm running it through the following functions:
    nl2br, htmlentities and stripslashes (if magic quotes is off). Is there
    anything else I should test for before inserting into my table?
    Ben.

    Tags: None
    • Nel
      #2
      Re: parse user input

      "Ben" <none@none.co m> wrote in message
      news:40e56438$0 $117$65c69314@m ercury.nildram. net...[color=blue]
      > Hey all,
      > I've been wondering what you can do to make user inputted text safe for
      > input to a database, which will then be echoed back to a browser at
      > some point. Currently I'm running it through the following functions:
      > nl2br, htmlentities and stripslashes (if magic quotes is off). Is there
      > anything else I should test for before inserting into my table?
      > Ben.[/color]

      $text =
      addslashes(html specialchars(st rip_tags(trim(c hop($text))),EN T_QUOTES));

      Nel



        Comment

        Previous template Next
        Working...