Clean array for Posting / SQL injection protection

Revision: 15491

at July 7, 2009 15:54 by the_dev

Initial Code

function clean_array_for_post($post) {
        foreach($post as $key => $value) {
            // stripslashes, we don't want to rely on magic quotes
            if(get_magic_quotes_gpc()) {
                $post[$key] = stripslashes($value);
            }
            // quote if not a number
            if(!is_numeric($value)) {
                $post[$key] = mysql_real_escape_string($value);
            }
        }
        return $post;
    }

Initial URL

Initial Description

Need a function to clean your _POST array before inserting into a database? Just pass $_POST to this function.

Initial Title

Clean array for Posting / SQL injection protection

Initial Tags

mysql, php, array

Initial Language

PHP

Choose a language for easy browsing: