MySQL Forums
Forum List  »  PHP

Assistance with securing input
Posted by: Davis Cheney
Date: May 02, 2011 02:37PM

I have an input field table $url that gets a secure scrub before being posted to the DB, but some of the characters are being HTMLicized after the scrubbing so that any URL that goes in with an & comes out on the other end as & and basically breaking the link.

here is the function:

function Secure ($string){
return trim(mysql_real_escape_string(strip_tags(htmlentities($string))));

here is the call on the page where input is:

$url = $_POST["url"];
$url = Secure($url);

thanks for your time,

Options: ReplyQuote

Written By
Assistance with securing input
May 02, 2011 02:37PM

Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.