Advanced Search

String to database (sanitize string for inserting in database)

/ Published in: PHP
Save to your folder(s)
This function can be used to sanitize single string variable or massive like POST, GET, COOKIE. It performs magic quotes gpc check, strip tags, trim and escape the dangerous signs with mysql_real_escape_string.

Expand | Embed | Plain Text

Copy this code and paste it in your HTML 
  1. function str2db($input, $strip_tags=true) {
  2. 	if(is_array($input)) {
  3. 		foreach($input as $key => $value) {
  4. 			$input[$key] = str2db($value);
  5. 		}
  6. 	} else {
  7. 		if(get_magic_quotes_gpc()) {
  8. 			if(ini_get('magic_quotes_sybase')){
  9. 					$input = str_replace("''", "'", $input);
  10. 			}
  11. 			else {
  12. 				$input = stripslashes($input);
  13. 			}
  14.         }
  15. 		if($strip_tags) {
  16. 			$input = strip_tags($input);
  17. 		}
  18. 		$input = mysql_real_escape_string($input);
  19. 		$input = trim($input);
  20. 	}
  21. 	return $input;
  22. }

Report this snippet


Comments

RSS Icon Subscribe to comments

You need to login to post a comment.