Troy S wrote:
> What is the best way to remove the characters from strings that may
> cause security problems? Namely, `, ', ", <, >, \ and all non-printing
> strings. Did I miss any? Thanks.

Do it the other way: allow only characters you know are safe and strip the rest. Use, for example, a preg_replace pattern with a negated character range. Put all the allowed characters into this range and '' as the replacement text.

    $query = preg_replace('{[^' . preg_quote(ALLOWED_CHARS) . ']}', '', $query);

where ALLOWED_CHARS is a constant containing... allowed characters :8].
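
The allowlist approach from the reply above, written out as an added PHP example that is not part of the original thread. The contents of ALLOWED_CHARS and the function names allowlist_pattern, strip_disallowed and is_allowed are assumptions chosen for illustration.

```php
<?php
// Added example; ALLOWED_CHARS contents and function names are hypothetical.

// Enumerate every permitted character literally. preg_quote() escapes "-",
// so writing "a-z" here would allow only the three characters a, - and z.
define('ALLOWED_CHARS',
    implode('', range('a', 'z')) .
    implode('', range('A', 'Z')) .
    implode('', range('0', '9')) .
    ' .,_-@');

function allowlist_pattern(): string
{
    // Negated character class: matches any byte NOT in the allowlist.
    // The delimiter is passed to preg_quote() so it is escaped as well.
    return '/[^' . preg_quote(ALLOWED_CHARS, '/') . ']/';
}

// Strip every character that is not in the allowlist.
function strip_disallowed(string $input): string
{
    $clean = preg_replace(allowlist_pattern(), '', $input);
    if ($clean === null) {
        // preg_replace() returns null on a PCRE error; never pass the raw input on.
        throw new RuntimeException('preg_replace failed, code ' . preg_last_error());
    }
    return $clean;
}

// Stricter variant: report whether the input is clean instead of rewriting it.
// A preg_match() error (false) is treated as "not allowed".
function is_allowed(string $input): bool
{
    return preg_match(allowlist_pattern(), $input) === 0;
}

// Constructed sample inputs covering the characters named in the question.
$samples = [
    'troy.s@example.com',
    "O'Brien <b>\"x\"</b>",
    "back`tick\\slash\x00\x1b[0m",
];
foreach ($samples as $s) {
    printf("%-8s %s\n", is_allowed($s) ? 'clean' : 'stripped',
        var_export(strip_disallowed($s), true));
}
```

Because the pattern runs without the `u` modifier it works byte by byte, so any multibyte UTF-8 character is removed unless each of its bytes is in the allowlist.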