I'm looking for an alternative to mysql_real_escape_string() for MSSQL. Is addslashes() my best option, or is there another alternative function that can be used?
Edit: An alternative for mysql_error() would also be useful.
...
Hello guys,
I am wondering if the combination of trim(), strip_tags() and addslashes() is enough to filter values of variables from $_GET and $_POST
...
Is there a function I can use in Perl to sanitize input before putting it into a MySQL db? I don't know regex very well, so before I make my own function I was wondering if there was already one made.
...
I'm building a new web-app, LAMP environment... I'm wondering if preg_match can be trusted for user's input validation (+ prepared stmt, of course) for all the text-based fields (aka not HTML fields; phone, name, surname, etc.).
For example, for a classic 'email field', if I check the input like:
$email_pattern = "/^([a-zA-Z0-9_\-\.]+)@...
What are some good PHP HTML (input) sanitizers?
Preferably, if something is built in - I'd like to use that.
UPDATE:
Per the request, via comments, input should not allow HTML (and obviously prevent XSS & SQL Injection, etc).
...
What are the best solutions for making user-formatted input
safe + script/flash free
XHTML Strict compliant
Tidy converts HTML to XHTML Strict. Are there any similar/alternative options that do this plus sanitize and remove embedded scripts and flash?
...