<?php
function sanitize($stringToSanitize) {
return addslashes(htmlspecialchars($stringToSanitize));
}
// You can just use the codes themselves instead of creating a function as:
echo addslashes(htmlspecialchars($stringToSanitize));
?># sanitize form data
function clean($data)
{
$data = htmlspecialchars($data);
$data = stripslashes($data);
$data = trim($data);
return $data;
}<?php
function cleanUserInput($userinput) {
// Open your database connection
$dbConnection = databaseConnect();
// check if input is empty
if (empty($userinput)) {
return;
} else {
// Strip any html characters
$userinput = htmlspecialchars($userinput);
// Clean input using the database
$userinput = mysqli_real_escape_string($dbConnection, $userinput);
}
// Return a cleaned string
return $userinput;
}
?>