Revision: 57979
at June 19, 2012 03:15 by TheNullByte

Initial Code
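function clean($a)
{
	// Remove backslashes (e.g. those added by magic quotes)
	$a = stripslashes($a);
	// Escape for a MySQL string literal (ext/mysql, removed in PHP 7.0)
	$a = mysql_real_escape_string($a);
	// Encode HTML special characters
	$a = htmlentities($a);
	return $a;
}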

Initial URL

Initial Description
Just a small function to sanitize the user's input of any XSS and SQLi. I saw a lot of ones that didn't include htmlentities or htmlspecialchars, and were still vulnerable to persistent/reflected XSS.

Initial Title
Sanitize (MySQL and XSS)

Initial Tags
php, user

Initial Language