sanitize form data php
# sanitize form data
function clean($data)
{
$data = htmlspecialchars($data);
$data = stripslashes($data);
$data = trim($data);
return $data;
}sanitize form data php
# sanitize form data
function clean($data)
{
$data = htmlspecialchars($data);
$data = stripslashes($data);
$data = trim($data);
return $data;
}php filters
#Filter Validation
<?php
//checks for posted data
/*
if(filter_has_var(INPUT_POST,'data')){
echo 'Data Found';
}else{
echo 'No Data';
}
*/
if(filter_has_var(INPUT_POST,'data')){
//remove illegal chars
$email = $_POST['data'];
$email = filter_var($email, FILTER_SANITIZE_EMAIL);
echo $email.'<br>';
//validate as an email address
if(filter_input(INPUT_POST, 'data', FILTER_VALIDATE_EMAIL)){
echo 'Email is Valid';
}else{
echo 'Email is not Valid';
}
//we can use the below if we use the sanatizer above
if(filter_var($email, FILTER_VALIDATE_EMAIL)){
echo 'Email is Valid';
}else{
echo 'Email is not Valid';
}
}
#Other Validations
#FILTER_VALIDATE_BOOLEAN
#FILTER_VALIDATE_EMAIL
#FILTER_VALIDATE_FLOAT
#FILTER_VALIDATE_INT
#FILTER_VALIDATE_IP
#FILTER_VALIDATE_REGEXP 'REGULAR EXPRESSION'
#FILTER_VALIDATE_URL
#Other sanatizes
#FILTER_SANATIZE_EMAIL
#FILTER_SANATIZE_ENCODED
#FILTER_SANATIZE_NUMBER_FLOAT
#FILTER_SANATIZE_NUMBER_INT
#FILTER_SANATIZE_SPECIAL_CHARS
#FILTER_SANATIZE_STRING
#FILTER_SANATIZE_URL
//EXAMPLE int VALIDATION
$var = 'john';
if(filter_var($var, FILTER_VALIDATE_INT)){
echo '<br>'.$var.' is a number<br>';
}else{
echo '<br>'.$var.' is not a number'.'<br>';
}
//EXAMPLE int Sanitazion
$var2 = '33k2dsdffgsdf3563sdf';
var_dump(filter_var($var2, FILTER_SANITIZE_NUMBER_INT));
//ARRAY USAGE
$filters = array(
"data" => FILTER_VALIDATE_EMAIL,
"data2" => array(
"filter" => FILTER_VALIDATE_INT,
"options" => array(
"min_range" => 1,
"max_range" => 100
)
)
);
print_r(filter_input_array(INPUT_POST, $filters));
?>
<form method ="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<input type="text" name="data">
<input type="text" name="data2">
<button type="submit">Submit</button>
</form>php clean user input
<?php
function cleanUserInput($userinput) {
// Open your database connection
$dbConnection = databaseConnect();
// check if input is empty
if (empty($userinput)) {
return;
} else {
// Strip any html characters
$userinput = htmlspecialchars($userinput);
// Clean input using the database
$userinput = mysqli_real_escape_string($dbConnection, $userinput);
}
// Return a cleaned string
return $userinput;
}
?>Copyright © 2021 Codeinu
Forgot your account's password or having trouble logging into your Account? Don't worry, we'll help you to get back your account. Enter your email address and we'll send you a recovery link to reset your password. If you are experiencing problems resetting your password contact us
