Asked 7 years ago
4 Jan 2017
Views 987

posted

how to sanitizing user input with PHP ?

which is the best way to sanitize user input with PHP ? user input is open gates to system . so if we do not secure this gate , than many malware and virus enter in system which lead website crash and system shutdown. some time cause non recoverable situation so is there any strong and secure filter which we apply to website gates so there is no loss at long time by hacker.
most of CMS like joomla , wordpress had good hand input filtering . you can use it directly . it come with lots of extension which help you website development - Rasi  
Jan 6 '17 04:39
Mitul Dabhi

Mitul Dabhi
answered Nov 30 '-1 00:00

htmlspecialchars will encode html tag to special chars which reduce the risk unwanted script run.

function sanitize ($input){
	return htmlspecialchars($input,ENT_QUOTES);	
}



echo sanitize ("<script >alert('hello');</scrip>")
Phpworker

Phpworker
answered Nov 30 '-1 00:00

quick solution
single filter for value which going to save to database
you can use mysql_real_escape_string function to escape any special character like single quote and double quote etc..
only sanitize when saving data in database . its not enough , every request and input should be filtered before it getting processed. - Rasi  
Jan 6 '17 05:30
Post Answer