A
Anonymous
Guest
Hey guys I want to share a function to clear everything harmful someone can write in to your textfields and areas. *NOTE: FOR MYSQLI!*
For example I save two variables that I will call
$username
$password
First step: Add this before you are inserting this variable to a database or using any sql connections with it
Step 2:
After I added this only thing I need is to run my variable through this function:
In my case this would look like this
Sum:
Add this to your PHP code:
After that run your variable through it:
I hope you enjoy this code
For example I save two variables that I will call
$username
$password
First step: Add this before you are inserting this variable to a database or using any sql connections with it
Code:
function cleanInput($input) {
$search = array(
'@<script[^>]*?>.*?</script>@si',
'@<[\/\!]*?[^<>]*?>@si',
'@<style[^>]*?>.*?</style>@siU',
'@<![\s\S]*?--[ \t\n\r]*>@'
);
$output = preg_replace($search, '', $input);
return $output;
}
After I added this only thing I need is to run my variable through this function:
Code:
$var = trim(cleanInput(mysqli_real_escape_string($con,$var)));
In my case this would look like this
Code:
$username = trim(cleanInput(mysqli_real_escape_string($con,$username)));
$password = trim(cleanInput(mysqli_real_escape_string($con,$password)));
Sum:
Add this to your PHP code:
Code:
function cleanInput($input) {
$search = array(
'@<script[^>]*?>.*?</script>@si',
'@<[\/\!]*?[^<>]*?>@si',
'@<style[^>]*?>.*?</style>@siU',
'@<![\s\S]*?--[ \t\n\r]*>@'
);
$output = preg_replace($search, '', $input);
return $output;
}
After that run your variable through it:
Code:
$YOURVARIABLE = trim(cleanInput(mysqli_real_escape_string($con,$YOURVARIABLE)));
I hope you enjoy this code