PHP
wagwandude, 2016-12-18 18:55:00

Text filtering feature?

Hello.
Can you suggest a function or a set of functions to adequately filter the text sent by the user (from SQL injections, HTML code, single quotes, etc.)?
I know that there are strip_tags and other methods, but maybe someone wrote or found a function to clean the code of anything unnecessary?
I wrote a couple of modules for the engine, but after going through the security I found a lot of errors. For example, if you send a single quote, we get a MySQL Fatal Error. We had to write a regular expression, but if you then send a backslash with a quote, the same problem occurs.
In other words, it is not possible to foresee all errors, so I am looking for a suitable function.
Thanks in advance.


3 answer(s)
entermix, 2016-12-18
@entermix

Use PDO or mysqli_escape_string to write to the database; this will be enough.
You can also use HTML Purifier if you need "something more".

xmoonlight, 2016-12-19
@xmoonlight

regex + "whitelist" characters

OnYourLips, 2016-12-19
@OnYourLips

"Can you suggest a function or a set of functions to adequately filter the text sent by the user (from SQL injections, HTML code, single quotes, etc.)?"
There can't be one.
On the other hand, this is not necessary.
You don't work with queries like you would with strings: https://habrahabr.ru/post/148701/
Display data with a template engine: twig.sensiolabs.org
This is enough, and no special protection is needed.
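
The approach from the answers above (bound parameters for storage, escaping only at output), as an added example that is not part of the original thread. It assumes the pdo_sqlite extension with an in-memory database in place of MySQL; the `comments` table and the helper names are hypothetical, and `htmlspecialchars` stands in for a template engine's auto-escaping.

```php
<?php
declare(strict_types=1);

// Assumption: pdo_sqlite is available; an in-memory DB stands in for MySQL.
// With the MySQL driver, also set PDO::ATTR_EMULATE_PREPARES to false.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, author TEXT, body TEXT)');

// Hypothetical helper: store the text exactly as submitted, no filtering.
function saveComment(PDO $pdo, string $author, string $body): int
{
    $stmt = $pdo->prepare('INSERT INTO comments (author, body) VALUES (:author, :body)');
    $stmt->execute([':author' => $author, ':body' => $body]);
    return (int) $pdo->lastInsertId();
}

// Hypothetical helper: fetch one comment by id, again with a bound parameter.
function loadComment(PDO $pdo, int $id): ?array
{
    $stmt = $pdo->prepare('SELECT author, body FROM comments WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Escape at output time, for HTML text or a quoted attribute value.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs: the two cases from the question, plus markup.
$samples = [
    "O'Reilly",
    "it\\'s a backslash with a quote",
    '<script>alert(1)</script>',
];

foreach ($samples as $body) {
    $id  = saveComment($pdo, 'guest', $body);
    $row = loadComment($pdo, $id);
    // The stored value is exactly what was sent; only the rendering is escaped.
    if ($row === null || $row['body'] !== $body) {
        throw new RuntimeException('round trip changed the data');
    }
    echo '<p>', e($row['body']), "</p>\n";
}
```

The `e()` helper covers HTML text and quoted attributes only; values placed into JavaScript, URLs or CSS need the encoder for that context.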
