kloddant / sanitize

PHP function that recursively sanitizes generic user input.

sanitize

Procedure: sanitize
Purpose: A PHP function that attempts to recursively sanitize generic user input in all cases. It is to be used in addition to prepared statements, not in place of them. Useful as a stopgap measure for already compromised systems until prepared statements can be put in place. Helpful against XSS attacks. Useful to add to files just in case of unknown security flaws.
Parameters:
  • $data (optional, any type): A boolean, integer, double, string, array, object, resource, NULL, or unknown type that is to be sanitized by this function. If this is an array or object, sanitize will call itself recursively on all the values within the array or object until they are all sanitized or until the recursion depth is reached.
  • $depth (optional, integer): Should be left blank. This parameter is set by the sanitize function when it calls itself.
Produces: Sanitized $data that is safer to print to the page or to use in a SQL query.
Preconditions: The variable $sanitized is reserved in the $GLOBALS scope.
Postconditions: If run without setting any parameters, sanitize will sanitize everything in the $_GET, $_POST, $_COOKIE, $_REQUEST, and $_FILES arrays. If these arrays are nonexistent and sanitize is called with no parameters, then it will do nothing.
Usage: require_once('sanitize.php');
sanitize();
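
The recursion described under Parameters, as an added sketch that is not the code in sanitize.php: a depth-limited walk over strings, arrays and objects that HTML-encodes every string it finds. The names example_sanitize and EXAMPLE_MAX_DEPTH, the cap of 10, the choice to drop data nested past the cap, and the sample input are all assumptions; it covers only HTML output encoding and requires PHP 8.0 or later.

```php
<?php
// Added illustration; NOT the project's sanitize(). All names are hypothetical.
const EXAMPLE_MAX_DEPTH = 10; // assumed cap; the page does not state the real limit

function example_encode(string $s): string
{
    // Make HTML metacharacters inert in an HTML body or a quoted attribute.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function example_sanitize(mixed $data, int $depth = 0): mixed
{
    if ($depth > EXAMPLE_MAX_DEPTH) {
        return null; // assumption: fail closed, drop anything nested past the cap
    }
    if (is_string($data)) {
        return example_encode($data);
    }
    if (is_array($data)) {
        $clean = [];
        foreach ($data as $key => $value) {
            // Keys are user-controlled too, e.g. ?a[<script>]=1
            $cleanKey = is_string($key) ? example_encode($key) : $key;
            $clean[$cleanKey] = example_sanitize($value, $depth + 1);
        }
        return $clean;
    }
    if (is_object($data)) {
        $copy = clone $data; // leave the caller's object untouched
        foreach (get_object_vars($copy) as $prop => $value) { // public properties only
            $copy->$prop = example_sanitize($value, $depth + 1);
        }
        return $copy;
    }
    return $data; // bool, int, float, null and resources pass through unchanged
}

// Constructed sample input, shaped like a nested $_POST array.
$input = [
    'name' => '<script>alert(1)</script>',
    'tags' => ['a"b', 42],
    '<b>'  => ['deep' => "O'Reilly"],
];
echo json_encode(example_sanitize($input), JSON_PRETTY_PRINT), PHP_EOL;
```

Strings returned by this sketch are already HTML-encoded, so encoding them again at output would double-encode them; values bound to a SQL query should still go through prepared statements.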

License:Creative Commons Zero v1.0 Universal


Languages

Language:PHP 100.0%