1<?php
2 function cleanUserInput($userinput) {
3
4 // Open your database connection
5 $dbConnection = databaseConnect();
6
7 // check if input is empty
8 if (empty($userinput)) {
9 return;
10 } else {
11
12 // Strip any html characters
13 $userinput = htmlspecialchars($userinput);
14
15 // Clean input using the database
16 $userinput = mysqli_real_escape_string($dbConnection, $userinput);
17 }
18
19 // Return a cleaned string
20 return $userinput;
21 }
22?>