ABOUT TV SERIES I WATCHED USES PROJECTS
#sql injection #php #mysql #security

How to Sanitize Input in PHP

November 15, 2018 by Mohammed Samgan Khan

Although the development has taken a great deal of up-gradation in the last few years with DevOps, frameworks, automation etc. etc. etc. but still there are a number of people who still prefer the old way. Moreover, if you are starting new of just creating a college project or something like that it’s still cool to use the core PHP.

The inputs in Core PHP are venerable to what you call “SQL Injection”, to before putting them to use it’s a mandatory practice to sanitize them. Below is the function you can use for the same. It’s simple, straight forward and easy to use.

Benefits:

  • It reduces the threat of SQL injection by removing the SQL (if there is any)
  • It also removes the HTML tags from the data passed as some bad guys pass <scripts> too for some undesirable works.

Uses:

Using the function is simple all you have to do is make sure that it needs mysql_connection links to function. Please make sure you provide it. Remaining is nothing to worry about.

Function:

/**
 * protecting  the input form the SQL injection and script injection.
 * @param $data
 * @return mixed
 */
public function sanitizer ($data)
{
    if (!empty($data)) {
        foreach ($data as $key => $dataValue) {
            if (empty($dataValue)) {
                continue;
            }
            $dataValue = strip_tags($dataValue);
            $data[$key] = mysql_real_escape_string($dataValue, $this->link);
        }
    }

    return $data;
}

Function Call:

$object = new Class();
$sanitizedGetArray = $object->sanitizer($_GET);
$sanitizedPostArray = $object->sanitizer($_POST);

If you have some other things to add to this function feel free to comment, I am still learning too you know.

mohammed-samgan-khan

Hi, I am Samgan, I excel at solving complex problems involving logic and step by step breakdown of the problem. Besides, to develop complex algorithms, I specialise in problem framing, systems design, and product development strategy. Sometimes I also enjoy public speaking.  

I am also the creator of penit.ink, a site which provides young writers with a free hand place to show their creation to the world. Irrespective of the niche, if you write this place is defiantly for you.