Revision: 57979
at June 19, 2012 03:15 by TheNullByte
Initial Code
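function clean($a) {
    // Undo magic-quotes slashes so the value is not escaped twice
    if (get_magic_quotes_gpc()) {
        $a = stripslashes($a);
    }
    // Escape for a MySQL string literal (needs an open mysql_* connection)
    $a = mysql_real_escape_string($a);
    // Encode HTML special characters
    $a = htmlentities($a);
    return $a;
}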
Initial URL
Initial Description
Just a small function to sanitize the user's input of any XSS and SQLi. I saw a lot of ones that didn't include htmlentities or htmlspecialchars, and were still vulnerable to persistent/reflected XSS.
Initial Title
Sanitize (MySQL and XSS)
Initial Tags
php, user
Initial Language
PHP
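
An added example, not part of the original snippet: the same two concerns handled separately per context, with a bound parameter for the SQL statement and HTML encoding applied only when the value is written into a page. The `comments` table, the function names and the in-memory SQLite database (standing in for MySQL so the script runs offline; it needs the pdo_sqlite extension) are assumptions.

```php
<?php
declare(strict_types=1);

// Added example; table and function names are hypothetical.
// In-memory SQLite stands in for MySQL so the script runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT NOT NULL)');

// SQL context: the raw value travels as a bound parameter, never as query text.
function store_comment(PDO $pdo, string $body): int
{
    $stmt = $pdo->prepare('INSERT INTO comments (body) VALUES (:body)');
    $stmt->execute([':body' => $body]);
    return (int) $pdo->lastInsertId();
}

function load_comment(PDO $pdo, int $id): ?string
{
    $stmt = $pdo->prepare('SELECT body FROM comments WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $body = $stmt->fetchColumn();
    return $body === false ? null : (string) $body;
}

// HTML context: encode at output time; ENT_QUOTES covers both quote styles,
// so the result is safe in element content and in quoted attribute values.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_comment(string $body): string
{
    return '<p title="' . e($body) . '">' . e($body) . '</p>';
}

// Constructed sample input containing SQL and HTML metacharacters.
$input = "O'Reilly wrote \"<script>alert(1)</script>\" & left; DROP TABLE comments";

$id     = store_comment($pdo, $input);
$stored = load_comment($pdo, $id);

// The database holds the text unchanged; encoding happens only on the way out.
var_dump($stored === $input);
echo render_comment($stored), PHP_EOL;
```

Because the stored text is left unmodified, the same row can later be encoded for a different output context without first undoing HTML entities.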