MySQL Forums :: PHP :: Assistance with securing input


Advanced Search

Assistance with securing input
Posted by: Davis Cheney ()
Date: May 02, 2011 02:37PM

I have an input field table $url that gets a secure scrub before being posted to the DB, but some of the characters are being HTMLicized after the scrubbing so that any URL that goes in with an & comes out on the other end as & and basically breaking the link.

here is the function:

}
function Secure ($string){
return trim(mysql_real_escape_string(strip_tags(htmlentities($string))));
}

here is the call on the page where input is:

$url = $_POST["url"];
$url = Secure($url);

thanks for your time,
d

Options: ReplyQuote


Subject Written By Posted
Assistance with securing input Davis Cheney 05/02/2011 02:37PM
Re: Assistance with securing input Davis Cheney 05/02/2011 03:23PM
Re: Assistance with securing input Rick James 05/03/2011 11:19PM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.