PHP Security: Sanitize Your Data Before Sending It to a MySQL Database

October 20th, 2011 by Regaz

PHP 5 How-to Sanitize Data before Insertion




Here I describe a General Sanitizing Filter for Data Sent to MySQL.

The Data to Insert into MySQL are contained in the $data Variable.

  1. Check if magic_quotes is On and if Yes Strip Slashes
    if (get_magic_quotes_gpc()) $data = stripslashes($data);
  2. Trim and Escape your Data
    • With a mysql_connect Connection
      $data = mysql_real_escape_string(trim($data));
    • With a mysqli_connect Connection
      $data = mysqli_real_escape_string($yourDBConnection, trim($data));
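
The two steps above combined into one function for a mysqli connection, as an added example that is not part of the original post. The name `sanitize_for_mysql`, the connection settings and the `customers` table are assumptions; the magic_quotes check is guarded because `get_magic_quotes_gpc()` was removed in PHP 8.0, and the numeric id is cast because escaping only protects a value placed inside a quoted SQL string.

```php
<?php
// Added example: the page's filter as one reusable function (mysqli variant).
// sanitize_for_mysql() is a hypothetical helper name, not from the original post.
function sanitize_for_mysql(mysqli $db, $data)
{
    // Apply the filter to each element when a whole array (e.g. $_POST) is passed.
    if (is_array($data)) {
        $clean = array();
        foreach ($data as $key => $value) {
            $clean[$key] = sanitize_for_mysql($db, $value);
        }
        return $clean;
    }

    $data = (string) $data;

    // Step 1: strip slashes only if magic_quotes is on.
    // The function no longer exists on PHP 8.0+, so check before calling it.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $data = stripslashes($data);
    }

    // Step 2: trim, then escape. Note the argument order: connection first.
    return mysqli_real_escape_string($db, trim($data));
}

// Placeholder connection settings (assumptions, replace with your own).
$db = mysqli_connect('localhost', 'db_user', 'db_password', 'db_name');
if (!$db) {
    die('Connection failed: ' . mysqli_connect_error());
}
// Escaping depends on the connection character set, so set it explicitly.
mysqli_set_charset($db, 'utf8mb4');

// Constructed sample input with surrounding spaces, a quote and a backslash.
$data = "  O'Reilly \\ Sons  ";
$name = sanitize_for_mysql($db, $data);

// Escaping does not add quotes: a numeric value used without quotes
// in the query must be cast instead.
$id = (int) '42xyz'; // constructed input, becomes 42

// The escaped string is only safe inside a quoted SQL string literal.
$sql = "UPDATE customers SET name = '" . $name . "' WHERE id = " . $id;
if (!mysqli_query($db, $sql)) {
    die('Query failed: ' . mysqli_error($db));
}
mysqli_close($db);
```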


No Responses to “PHP Security: Sanitize Your Data Before Sending It to a MySQL Database”

  1. Geckomind says:

    Works like a charm, thanks.

  2. Works perfectly with VMware Player 4.0.1, thank you! :)