

php:secit
secit.php
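/**
 * Escape a string for HTML output and/or for use inside a MySQL string literal.
 *
 * Escaping is context-specific: the "html" result is only safe in HTML text
 * and quoted attribute values, and the "sql" result is only safe inside a
 * quoted SQL string literal. "full" applies both in sequence (HTML first,
 * then SQL), so data stored that way is already HTML-encoded and will be
 * double-encoded if it is escaped again on output.
 *
 * @param mixed  $string Value to escape.
 * @param string $clean  "html", "sql" or "full"; any other value selects no escaping.
 * @return string The escaped string, or the literal "E_NO_CLEAN" when no
 *                known mode was selected. Callers must check for that
 *                sentinel; an input equal to "E_NO_CLEAN" cannot be told
 *                apart from the error.
 */
function secit($string, $clean = "") {
        $out = $string;
        $escaped = false;

        // Strict comparison so the mode is never selected through type juggling
        // (with ==, true matches any non-empty string, and 0 matched "full"
        // before PHP 8).
        $wantHtml = ($clean === "full" || $clean === "html");
        $wantSql = ($clean === "full" || $clean === "sql");

        if ($wantHtml) {
                // ENT_QUOTES also encodes single quotes, which the pre-8.1 default
                // left untouched and which matter in single-quoted attributes.
                // Assumes the page is served as UTF-8 - TODO confirm.
                $out = htmlspecialchars($out, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $escaped = true;
        }

        if ($wantSql) {
                // NOTE(review): the mysql_* extension was removed in PHP 7.0, so this
                // call is a fatal error on current PHP. It also uses the most
                // recently opened connection and only protects values placed
                // inside quotes. Prefer prepared statements (PDO or mysqli) with
                // bound parameters over string escaping.
                $out = mysql_real_escape_string($out);
                $escaped = true;
        }

        // Fail closed: never hand back the raw input when nothing was escaped.
        if (!$escaped) {
                return "E_NO_CLEAN";
        }

        return $out;
}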
php/secit.txt · Last modified: 2015/08/15 22:56 by 127.0.0.1
