PHP.net: Functions for preventing both SQL and XSS injection attacks

Monday, June 27, 2011

Functions for preventing both SQL and XSS injection attacks

Functions for preventing both SQL and XSS injection attacks

<?php
function mysql_entities_fix_string($string)
{
    return htmlentities(mysql_fix_string($string));
}
function mysql_fix_string($string)
{
    if (get_magic_quotes_gpc()) $string = stripslashes($string);
    return mysql_real_escape_string($string);
}
?>

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)