06-26-2008, 04:33 AM
#8
The Addict
Join Date: Sep 2007
Location: Denmark
Posts: 247
Thanks: 6
I don't even bother to make all the *_real_escape_string() functions; I've designed an input filtering class that does it all for me and I just call it like:
PHP Code:
$tuxxedo->input->doSqlSafe('p', Array('input1', 'input2', '...'));
The 'p' tells my class it has to clean POST; it can also be combined with more, like 'pg' (POST + GET) or simply 'r' for REQUEST (POST / GET / COOKIE), and then it modifies the global scope variables so I don't need to care about them when calling the query afterwards.
Using something like this made my coding much easier ;)
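An added illustration, not part of the post above and not the poster's class: a hypothetical re-creation of a flag-driven, in-place escaper in the style described, run against an in-memory SQLite database. It assumes the pdo_sqlite extension; `$request`, the table and all values are constructed. It shows where escaped values hold (a quoted string context), where escaping changes nothing (an unquoted numeric context), and how a bound parameter behaves for the same input.

```php
<?php
// Added example: hypothetical re-creation, not the poster's class.
// Assumes the pdo_sqlite extension; all request data is constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (id INTEGER, name TEXT)");
$db->exec("INSERT INTO users VALUES (1, 'alice'), (2, 'bob')");

// Constructed stand-ins for the $_POST / $_GET / $_COOKIE superglobals.
$request = [
    'p' => ['name' => "o'brien", 'id' => '0 OR 1=1'],
    'g' => ['page' => '2'],
    'c' => [],
];

// Hypothetical equivalent of doSqlSafe(): escape the named keys in place
// for every source letter given ('r' expands to POST + GET + COOKIE).
function doSqlSafe(PDO $db, array &$request, string $flags, array $keys): void
{
    $flags = str_replace('r', 'pgc', $flags);
    foreach (array_unique(str_split($flags)) as $src) {
        foreach ($keys as $key) {
            if (isset($request[$src][$key])) {
                // PDO::quote() wraps the value in quotes; strip them so the
                // result resembles what *_real_escape_string() returns.
                $quoted = $db->quote($request[$src][$key]);
                $request[$src][$key] = substr($quoted, 1, -1);
            }
        }
    }
}

doSqlSafe($db, $request, 'p', ['name', 'id']);

// Quoted string context: the escaped apostrophe stays inside the literal.
$sql = "SELECT COUNT(*) FROM users WHERE name = '{$request['p']['name']}'";
echo "quoted string context: ", $db->query($sql)->fetchColumn(), " row(s)\n";

// Unquoted numeric context: the value contains nothing to escape, so it is
// parsed as SQL and the WHERE clause matches every row.
$sql = "SELECT COUNT(*) FROM users WHERE id = {$request['p']['id']}";
echo "unquoted numeric context: ", $db->query($sql)->fetchColumn(), " row(s)\n";

// Bound parameter: the same input is passed as data and is never parsed.
$stmt = $db->prepare("SELECT COUNT(*) FROM users WHERE id = ?");
$stmt->execute(['0 OR 1=1']);
echo "bound parameter: ", $stmt->fetchColumn(), " row(s)\n";
```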