escaping input

Something in my gut tells me this isn't the best way

         

sned

6:59 pm on Oct 27, 2005 (gmt 0)


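    function escape_input(){
        // Only escape when magic_quotes_gpc has not already added slashes.
        if(!get_magic_quotes_gpc()){
            // Escape every POST value in place.
            foreach($_POST as $id=>$value){
                $_POST[$id] = mysql_real_escape_string($value);
            }
            // Escape every GET value in place.
            foreach($_GET as $id=>$value){
                $_GET[$id] = mysql_real_escape_string($value);
            }
        }
        return true;
    }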

Can anybody comment on this function? I'm not sure if blanket escapes like this are a good idea or not.

Thanks!
-sned

ergophobe

8:37 pm on Oct 27, 2005 (gmt 0)


We've had some discussion on the topic in the past. I like to filter user input and then put it somewhere $clean and then use that.

See this thread:
[webmasterworld.com...]
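
An added example, not code from this thread or from either poster, of the filter-into-$clean approach described in the reply above, as an alternative to escaping all of $_POST and $_GET in place. The field names, validation rules and users table are hypothetical, and it binds parameters through PDO (in-memory SQLite, so it runs offline) rather than calling mysql_real_escape_string:

```php
<?php
// Validate only the fields the script expects and copy them into $clean.
// Anything not listed in $rules, or failing its rule, never reaches $clean.
function filter_fields(array $raw, array $rules): array
{
    $clean = [];
    foreach ($rules as $field => $rule) {
        // Skip missing fields and arrays (e.g. ?id[]=1); a blanket loop that
        // passes every value to a string-escaping function does not expect these.
        if (!isset($raw[$field]) || !is_string($raw[$field])) {
            continue;
        }
        $value = trim($raw[$field]);
        if ($rule === 'int' && preg_match('/\A[0-9]{1,9}\z/', $value)) {
            $clean[$field] = (int) $value;
        } elseif ($rule === 'username' && preg_match('/\A[A-Za-z0-9_]{3,20}\z/', $value)) {
            $clean[$field] = $value;
        }
    }
    return $clean;
}

// Constructed sample data standing in for $_POST.
$post  = ['id' => '42', 'name' => "o'brien", 'extra' => 'not expected'];
$rules = ['id' => 'int', 'name' => 'username'];   // hypothetical rules

$clean = filter_fields($post, $rules);
// $clean now holds only 'id': 'name' failed its rule, 'extra' was never expected.

// Hypothetical table in an in-memory database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (id, name) VALUES (42, 'sample_user')");

if (isset($clean['id'])) {
    // The value is bound as a parameter, so it is never spliced into the SQL text.
    $stmt = $db->prepare('SELECT name FROM users WHERE id = :id');
    $stmt->bindValue(':id', $clean['id'], PDO::PARAM_INT);
    $stmt->execute();
    // Encode for HTML at the point of output, not at the point of input.
    echo htmlspecialchars((string) $stmt->fetchColumn(), ENT_QUOTES, 'UTF-8'), "\n";
}
```

The raw superglobals are left untouched, so the same input can later be encoded differently for SQL, HTML or any other context that needs it.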