Comments on: Create a Simple Input Sanitation Function With PHP. http://dev-tips.com/featured/create-a-simple-input-sanitation-function-with-php Become a Better Developer, One Tip at a Time. Tue, 27 Sep 2011 18:42:19 +0000 hourly 1 http://wordpress.org/?v= By: Solo http://dev-tips.com/featured/create-a-simple-input-sanitation-function-with-php#comment-1929 Solo Sat, 27 Nov 2010 20:22:44 +0000 http://dev-tips.com/?p=379#comment-1929 so, why no mysql_real_escape_string use at all?? so, why no mysql_real_escape_string use at all??

]]> By: dESiGNERz BLOG » 120 Tips, Tricks, and Tuts from 2009 Worth your Time http://dev-tips.com/featured/create-a-simple-input-sanitation-function-with-php#comment-1567 dESiGNERz BLOG » 120 Tips, Tricks, and Tuts from 2009 Worth your Time Thu, 21 Jan 2010 17:23:31 +0000 http://dev-tips.com/?p=379#comment-1567 [...] Create a Simple Input Sanitation Function With PHP [...] [...] Create a Simple Input Sanitation Function With PHP [...]

]]> By: 120 Tips, Tricks, and Tuts from 2009 Worth your Time | Tutorial51 http://dev-tips.com/featured/create-a-simple-input-sanitation-function-with-php#comment-1261 120 Tips, Tricks, and Tuts from 2009 Worth your Time | Tutorial51 Tue, 29 Dec 2009 11:52:14 +0000 http://dev-tips.com/?p=379#comment-1261 [...] Create a Simple Input Sanitation Function With PHP [...] [...] Create a Simple Input Sanitation Function With PHP [...]

]]> By: Neil Skoglund » Blog Archive » 120 Tips, Tricks, and Tuts from 2009 Worth your Time http://dev-tips.com/featured/create-a-simple-input-sanitation-function-with-php#comment-1256 Neil Skoglund » Blog Archive » 120 Tips, Tricks, and Tuts from 2009 Worth your Time Tue, 29 Dec 2009 02:24:05 +0000 http://dev-tips.com/?p=379#comment-1256 [...] Create a Simple Input Sanitation Function With PHP [...] [...] Create a Simple Input Sanitation Function With PHP [...]

]]> By: Apathy http://dev-tips.com/featured/create-a-simple-input-sanitation-function-with-php#comment-722 Apathy Mon, 11 May 2009 18:06:39 +0000 http://dev-tips.com/?p=379#comment-722 Right. First off empty() is a really bad choice here, since the function returns false if empty() evaluates to true, and since $num = 0; will make empty($num) return 0, well, you get the point. You're better of with using $str != "". Also, you should be consistent with the syntax of the if and else-clauses by always using {} for increased readability. Regarding arrays I recommend you taking a look at array_map, which is a really handy function, and will probably save some work with writing array-compatible code. Right. First off empty() is a really bad choice here, since the function returns false if empty() evaluates to true, and since $num = 0; will make empty($num) return 0, well, you get the point. You’re better of with using $str != “”.

Also, you should be consistent with the syntax of the if and else-clauses by always using {} for increased readability.

Regarding arrays I recommend you taking a look at array_map, which is a really handy function, and will probably save some work with writing array-compatible code.

]]> By: Vasili http://dev-tips.com/featured/create-a-simple-input-sanitation-function-with-php#comment-674 Vasili Sun, 03 May 2009 21:21:31 +0000 http://dev-tips.com/?p=379#comment-674 I don't understand what you mean.. If you mean stripping the content between the tags, then no; it just removes the tags (and whatever is in them, ie. attributes). I don’t understand what you mean.. If you mean stripping the content between the tags, then no; it just removes the tags (and whatever is in them, ie. attributes).

]]> By: sumit http://dev-tips.com/featured/create-a-simple-input-sanitation-function-with-php#comment-665 sumit Sun, 03 May 2009 18:09:24 +0000 http://dev-tips.com/?p=379#comment-665 does this work for the items between the tags? does this work for the items between the tags?

]]> By: Vasili http://dev-tips.com/featured/create-a-simple-input-sanitation-function-with-php#comment-662 Vasili Sun, 03 May 2009 16:36:15 +0000 http://dev-tips.com/?p=379#comment-662 Well, usually if you're trying to strip links you aren't going to strip some depending on attributes - at least I don't. As for XSS, I have a completely different function to check for XSS. Thanks for the comment. :) Well, usually if you’re trying to strip links you aren’t going to strip some depending on attributes – at least I don’t. As for XSS, I have a completely different function to check for XSS.

Thanks for the comment. :)

]]> By: Shawn Stratton http://dev-tips.com/featured/create-a-simple-input-sanitation-function-with-php#comment-661 Shawn Stratton Sun, 03 May 2009 16:28:39 +0000 http://dev-tips.com/?p=379#comment-661 The only problem I'm noticing is your regex use with strip tags, the regex fails if there are attributes with the tag and striptags has some issues with said attributes as well. Also this will not protect you against XSS if any of the values you're using wind up inside of a . Otherwise good work. The only problem I’m noticing is your regex use with strip tags, the regex fails if there are attributes with the tag and striptags has some issues with said attributes as well. Also this will not protect you against XSS if any of the values you’re using wind up inside of a . Otherwise good work.

]]> By: Drew Douglass http://dev-tips.com/featured/create-a-simple-input-sanitation-function-with-php#comment-653 Drew Douglass Sun, 03 May 2009 04:36:55 +0000 http://dev-tips.com/?p=379#comment-653 Great article Vasili, simple and effective. I'm personally a fan of always using curly brackets, but in this situation, it's just a matter of preference I suppose :) Hope to see more like this from you. Great article Vasili, simple and effective.

I’m personally a fan of always using curly brackets, but in this situation, it’s just a matter of preference I suppose :)

Hope to see more like this from you.

]]>