Hi all, I have ben tring to write some code that will help protect my forms \ data input
I have wrote the following for anyone to use \ comment \ edit and improve.
Im new to php and have read alot about securing data input from sql injection.
If anyone could reply with how the following can be enhanced or comment so others could use this piece of script, It will not only help me but others too,
Many thanks, I look forward to yuor replies -
// if you would like to use this script, simply change the values
// of each variable to match those of yours
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Sanitize the POST values
$gender = clean($_POST['gender']);
$fname = clean($_POST['fname']);
$lname = clean($_POST['lname']);
$dob_y = clean($_POST['dob_y']);
$dob_m = clean($_POST['dob_m']);
$dob_d = clean($_POST['dob_d']);
$age = clean($_POST['age']);
$login = clean($_POST['login']);
$password = clean($_POST['password']);
$cpassword = clean($_POST['cpassword']);
$email = clean($_POST['email']);
$mobnum = clean($_POST['mobnum']);
$country = clean($_POST['country']);
$city = clean($_POST['city']);
$img1 = clean($_POST['img1']);