Programming Help

Web Development



What's Here?

  • Members: 137,219
  • Replies: 481,452
  • Topics: 75,056
  • Snippets: 2,567
  • Tutorials: 675
  • Total Online: 2,231
  • Members: 105
  • Guests: 2,126
 

Code Snippets

  

PHP Source Code
Welcome to Dream.In.Code
Become a PHP Expert!

Join 137,219 PHP Programmers for FREE! Get instant access to thousands of PHP experts, tutorials, code snippets, and more! There are 2,231 people online right now. Registration is fast and FREE... Join Now!





SQL Sanitize

"Sanitize" a string of SQL code to prevent SQL injection.

Submitted By: sandman85048
Actions:
Rating:
Views: 4,722

Language: PHP
Last Modified: December 31, 1969

Snippet


  1. /*
  2. Function: sql_sanitize( $sCode )
  3. Description: "Sanitize" a string of SQL code to prevent SQL injection.
  4. Parameters: $sCode: The SQL code which you wish to sanitize.
  5. Example: mysql_query('UPDATE table SET value="' . sql_sanitize("' SET id='4'") . '" WHERE id="1"');
  6. Requirements: PHP version 4 or greater
  7. */
  8. function sql_sanitize( $sCode ) {
  9.         if ( function_exists( "mysql_real_escape_string" ) ) { // If PHP version > 4.3.0
  10.                 $sCode = mysql_real_escape_string( $sCode ); // Escape the MySQL string.
  11.         } else { // If PHP version < 4.3.0
  12.                 $sCode = addslashes( $sCode ); // Precede sensitive characters with a slash \
  13.         }
  14.         return $sCode; // Return the sanitized code
  15. }

Copy & Paste

Comments


There are currently no comments for this snippet. Be the first to comment!

Add comment


You must be registered and logged on to </dream.in.code> to leave comments.





Live PHP Help!

PHP Tutorials

Reference Sheets

PHP Snippets

DIC Chatroom

Bye Bye Ads

Monthly Drawing

Thumb Drive

Top Contributors

Top 10 Kudos This Month