Sanitize user inputs using php

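function cleaninput($input) {

  // preg_replace() applies the patterns in order, so blocks that must lose their
  // contents (script, style, comments) are stripped before the generic tag pattern.
  $search = array(
    '@<script[^>]*?>.*?</script>@si',   // Strip out javascript
    '@<style[^>]*?>.*?</style>@si',     // Strip style blocks (no U modifier: it would make .*? greedy)
    '@<![\s\S]*?--[ \t\n\r]*>@',        // Strip multi-line comments
    '@<[\/\!]*?[^<>]*?>@si'             // Strip out remaining HTML tags
  );

  return preg_replace($search, '', $input);
}

// $db is an open mysqli connection: mysql_real_escape_string() was removed in PHP 7.0,
// and its mysqli replacement needs the connection to know the character set.
// The escaped value is only safe inside a quoted SQL string literal.
function sanitize($input, mysqli $db) {
    if (is_array($input)) {
        $output = array();   // an empty array must not fall through with $output undefined
        foreach ($input as $var => $val) {
            $output[$var] = sanitize($val, $db);
        }
    }
    else {
        // Magic quotes were removed in PHP 5.4 and get_magic_quotes_gpc() in PHP 8.0,
        // so only call it on interpreters that can still have the feature enabled.
        if (PHP_VERSION_ID < 50400 && get_magic_quotes_gpc()) {
            $input = stripslashes($input);
        }
        $input  = cleaninput($input);
        $output = $db->real_escape_string($input);
    }
    return $output;
}

// Usage (the connection details are placeholders):
$db = new mysqli('localhost', 'db_user', 'db_password', 'db_name');

$bad_string = "Hi! <script src='http://www.evilsite.com/bad_script.js'></script> It's a good day!";
$good_string = sanitize($bad_string, $db);
// $good_string is "Hi!  It\'s a good day!" (script element removed, quote escaped)

// Also use for getting POST/GET variables
$_POST = sanitize($_POST, $db);
$_GET  = sanitize($_GET, $db);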
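
The same $bad_string handled per context instead of through one sanitize() pass, as an added example that is not part of the original post: the value is stored unchanged through a bound parameter and encoded only when written into HTML. It assumes the pdo_sqlite extension is loaded; the comments table and the helper names e(), store_comment() and load_comment() are hypothetical.

```php
<?php
// Encode a value for an HTML text node or a quoted attribute at output time.
function e(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Bound parameters keep data out of the SQL text, so no escaping step is needed.
function store_comment(PDO $db, string $author, string $body): int {
    $stmt = $db->prepare('INSERT INTO comments (author, body) VALUES (:author, :body)');
    $stmt->execute([':author' => $author, ':body' => $body]);
    return (int) $db->lastInsertId();
}

function load_comment(PDO $db, int $id): array {
    $stmt = $db->prepare('SELECT author, body FROM comments WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        throw new RuntimeException("No comment with id $id");
    }
    return $row;
}

// In-memory database so the example runs offline (constructed schema).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (
    id     INTEGER PRIMARY KEY,
    author TEXT NOT NULL,
    body   TEXT NOT NULL
)');

// Sample input taken from the usage section above; the author name is constructed.
$bad_string = "Hi! <script src='http://www.evilsite.com/bad_script.js'></script> It's a good day!";
$id  = store_comment($db, "O'Brien", $bad_string);
$row = load_comment($db, $id);

// The stored value is byte-for-byte what the user typed: no stray backslashes
// and no silently deleted text.
var_dump($row['body'] === $bad_string);

// Encoding happens once, at the point of output, for the context being written.
echo '<p title="', e($row['author']), '">', e($row['body']), "</p>\n";
```
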
Comments
11 Responses to “Sanitize user inputs using php”
  1. Valerie says:

    As I web site possessor I believe the content material here is rattling great , appreciate it for your efforts. You should keep it up forever! Best of luck.

  2. Makeup tips says:

    An interesting discussion is worth comment. I think that you should write more on this topic, it might not be a taboo subject but generally people are not enough to speak on such topics. To the next. Cheers

  3. excellent post. i want to thank you for this informative read, i really appreciate sharing this great post. keep up your work.

  4. I’m still learning from you, as I’m trying to achieve my goals. I definitely enjoy reading all that is posted on your site.Keep the tips coming. I loved it!

  5. I simply want to say I am just all new to blogging and site-building and truly savored this web site. Almost certainly I’m planning to bookmark your blog post . You really come with incredible well written articles. Regards for sharing with us your website.

  6. Wow! This could be one particular of the most helpful blogs We have ever arrive across on this subject. Basically Great. I am also a specialist in this topic therefore I can understand your effort.

  7. Rae Mascarenas says:

    Good site you’ve got here.. It’s hard to find good quality writing like yours these days. I honestly appreciate individuals like you! Take care!!

  8. Sammy Naidu says:

    I just want to tell you that I am beginner to blogs and absolutely savored your blog. Very likely I’m likely to bookmark your site . You definitely come with remarkable articles. Thank you for sharing with us your blog.

  9. Very interesting topic, regards for putting up.

  10. IBCbet says:

    Very interesting subject, regards for putting up.

  11. SEO Murah says:

    Very interesting subject, appreciate it for putting up.
