11-23-2007, 11:17 PM
|
#23 (permalink)
|
|
The Prestige
Join Date: Sep 2007
Location: Sweden, Stockholm
Posts: 1,080
Thanks: 115
|
FILTER is a thing I've never heard before, but it's quite handy for forms.
This is a bit long, but you'll get the point:
php Code:
$arguements = array( 'user_name' => array( 'filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_NULL_ON_FAILURE ), 'user_pass' => array( 'filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_NULL_ON_FAILURE ), 'user_pass_re' => array( 'filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_NULL_ON_FAILURE ), 'user_email' => array( 'filter' => FILTER_VALIDATE_EMAIL, 'flags' => FILTER_NULL_ON_FAILURE ), 'user_firstname' => array( 'filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_NULL_ON_FAILURE ), 'user_surname' => array( 'filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_NULL_ON_FAILURE ), 'user_age' => array( 'filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE ), 'user_country' => array( 'filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_NULL_ON_FAILURE ), 'user_location' => array( 'filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_NULL_ON_FAILURE ) ); $data = filter_input_array (INPUT_POST, $arguements);
This would be pretty safe(notice that this is not completely safe, but it's still a good way to start - or add to - your security).
The FILTER_NULL_ON_FAILURE works like it returns NULL if the field isn't filled. And it returns FALSE when the FILTER fails.
And also, how to then get to your cleaned data, would be like this(pretty obvious, but meh.. :P):
php Code:
$data['user_name'], $data['user_pass'], $data['user_email'], $data['user_firstname'], $data['user_surname'], $data['user_country'], $data['user_location'], $data['user_age']
|
|
|
|