php:secit
- secit.php
/* Function for XSS/SQL/? escaping */ function secit($string, $clean = "") { // HTML/XSS escape $out = $string; $escaped = 0; if ($clean == "full" || $clean == "html") { $out = htmlspecialchars($out); $escaped = 1; } // SQL escape if ($clean == "full" || $clean == "sql") { $out = mysql_real_escape_string($out); $escaped = 1; } // Return the string. Output error if the string was not cleaned. if ($escaped != 1) { return "E_NO_CLEAN"; } else { return $out; } }
php/secit.txt · Last modified: 2015/08/15 22:56 by 127.0.0.1