1# sanitize form data
2function clean($data)
3{
4 $data = htmlspecialchars($data);
5 $data = stripslashes($data);
6 $data = trim($data);
7 return $data;
8}
1<?php
2function sanitize($stringToSanitize) {
3 return addslashes(htmlspecialchars($stringToSanitize));
4}
5// You can just use the codes themselves instead of creating a function as:
6echo addslashes(htmlspecialchars($stringToSanitize));
7?>
1<?php
2 function cleanUserInput($userinput) {
3
4 // Open your database connection
5 $dbConnection = databaseConnect();
6
7 // check if input is empty
8 if (empty($userinput)) {
9 return;
10 } else {
11
12 // Strip any html characters
13 $userinput = htmlspecialchars($userinput);
14
15 // Clean input using the database
16 $userinput = mysqli_real_escape_string($dbConnection, $userinput);
17 }
18
19 // Return a cleaned string
20 return $userinput;
21 }
22?>