Before you use input, it is a good idea to validate it for malicious content before use.
So you would make a validation function, which would then contain what validation checks?
- mysql_real_escape_string
- addslashes / stripslashes
- get_magic_quotes_gpc
- html_entities
- etc
Anything else you think I should or shouldn't be checking?
Test code:
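function valid($value) {
    // Undo magic-quotes escaping first, and only when it is enabled
    if (get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    // Escape for the SQL string last (legacy ext/mysql; needs an open connection)
    $value = mysql_real_escape_string($value);
    // etc ($value)
    // etc ($value)
    return $value;
}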
Thanks, Regards X
Note: Assumption is the variable is being inputted into a database
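
An added example, not part of the original post: instead of one function that chains escaping calls, it validates the input's shape, binds the value through a prepared statement for the database, and HTML-encodes only at output time. The table, column and function names are hypothetical, and it assumes the pdo_sqlite extension so it can use an in-memory database.

```php
<?php
// Added example: table, column and function names are hypothetical.
// Assumes pdo_sqlite; the in-memory database keeps the script offline.

// Validation checks that the value has the expected shape.
// It does not escape the value for any particular sink.
function validate_username(string $raw): ?string {
    $name = trim($raw);
    return preg_match('/\A[\p{L}\p{N} _.\'-]{1,40}\z/u', $name) === 1 ? $name : null;
}

// Database sink: a prepared statement sends the values separately from
// the SQL text, so no escaping function is applied to them.
function save_comment(PDO $db, string $author, string $body): void {
    $stmt = $db->prepare('INSERT INTO comments (author, body) VALUES (:author, :body)');
    $stmt->execute([':author' => $author, ':body' => $body]);
}

// HTML sink: encode when rendering, not before storage.
function render_comment(array $row): string {
    return '<p><b>' . htmlspecialchars($row['author'], ENT_QUOTES, 'UTF-8') . '</b>: '
         . htmlspecialchars($row['body'], ENT_QUOTES, 'UTF-8') . '</p>';
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (author TEXT NOT NULL, body TEXT NOT NULL)');

// Constructed sample input containing quotes, markup and a NUL byte.
$samples = [
    ["O'Brien", "It's 5 o'clock; -- still just text"],
    ["alice", '<b>bold</b> & "quoted"'],
    ["bad\x00name", 'never stored: the author name fails validation'],
];

foreach ($samples as [$rawAuthor, $rawBody]) {
    $author = validate_username($rawAuthor);
    if ($author === null) {
        echo "rejected author name\n";
        continue;
    }
    save_comment($db, $author, $rawBody);
}

// Stored rows keep the original characters; encoding happens here.
foreach ($db->query('SELECT author, body FROM comments') as $row) {
    echo render_comment($row), "\n";
}
```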