Clean array for Posting / SQL injection protection


/ Published in: PHP
Save to your folder(s)

Need a function to clean your _POST array before inserting into a database? Just pass $_POST to this function.


Copy this code and paste it in your HTML
  1. function clean_array_for_post($post) {
  2. foreach($post as $key => $value) {
  3. // stripslashes, we don't want to rely on magic quotes
  4. $post[$key] = stripslashes($value);
  5. }
  6. // quote if not a number
  7. if(!is_numeric($value)) {
  8. $post[$key] = mysql_real_escape_string($value);
  9. }
  10. }
  11. return $post;
  12. }

Report this snippet


Comments

RSS Icon Subscribe to comments

You need to login to post a comment.