Here is a filtering class that will help clean up your inputs so they do not do any damage to your database.
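/**
 * Input-cleaning helper: optional length limit, quote escaping, HTML entity
 * encoding and literal unwanted-character replacement, applied in that order.
 *
 * The escaping step (addslashes) does not make a string safe to interpolate
 * into SQL; database queries should use prepared statements with bound
 * parameters, and output escaping should be chosen per context (HTML, attribute,
 * JS, URL). This class only transforms the value it is given.
 */
class security_class
{
    /**
     * Truncates the input to at most $length characters.
     *
     * PHP strings are not vulnerable to C-style buffer overflows; the limit is a
     * data-hygiene bound on what reaches the database, not a memory-safety fix.
     *
     * @param mixed $data   value to truncate (cast to string)
     * @param int   $length maximum length in characters (bytes if mbstring is unavailable)
     * @return string
     */
    private function size_input($data, $length = 50)
    {
        $data = (string) $data;
        // Cutting a multibyte character in half leaves invalid UTF-8, which the
        // later htmlentities() step would otherwise reject; prefer mb_substr.
        if (function_exists('mb_substr')) {
            return mb_substr($data, 0, $length, 'UTF-8');
        }
        return substr($data, 0, $length);
    }

    /**
     * Escapes quotes, backslashes and NUL with addslashes().
     *
     * addslashes() is not charset-aware and does not implement any database
     * driver's escaping rules, so it is not a substitute for parameterised
     * queries. It is kept here only to preserve the class's existing output.
     *
     * @param mixed $data
     * @param mixed $type accepted for call-site compatibility; currently unused
     * @return string
     */
    private function escape_quotes($data, $type = null)
    {
        return addslashes((string) $data);
    }

    /**
     * Converts special characters to HTML entities (UTF-8, HTML 4.01 table).
     *
     * @param mixed      $data
     * @param int|string $type ENT_* quote flag as an int, or one of the names
     *                         'ENT_QUOTES', 'ENT_COMPAT', 'ENT_NOQUOTES';
     *                         anything else falls back to ENT_QUOTES
     * @return string
     */
    private function html_ent($data, $type = ENT_QUOTES)
    {
        $flags = $this->quote_flag($type);
        // ENT_SUBSTITUTE replaces invalid UTF-8 with U+FFFD instead of returning
        // an empty string, which would silently discard the whole value.
        return htmlentities((string) $data, $flags | ENT_SUBSTITUTE, 'UTF-8');
    }

    /**
     * Resolves a quote-flag name or int to an ENT_* constant.
     *
     * A fixed lookup table is used instead of constant() so an arbitrary string
     * can never select an unrelated constant.
     *
     * @param int|string|null $type
     * @return int
     */
    private function quote_flag($type)
    {
        if (is_int($type)) {
            return $type;
        }
        $names = [
            'ENT_QUOTES'   => ENT_QUOTES,
            'ENT_COMPAT'   => ENT_COMPAT,
            'ENT_NOQUOTES' => ENT_NOQUOTES,
        ];
        $key = (string) $type;
        return isset($names[$key]) ? $names[$key] : ENT_QUOTES;
    }

    /**
     * Replaces every occurrence of each character in $chars with $replacement.
     *
     * Characters are matched literally in a single pass (strtr); neither $chars
     * nor $data is ever interpreted as a regular expression or as PHP code.
     *
     * @param mixed  $data
     * @param string $chars       characters to replace, e.g. '<>'
     * @param string $replacement string substituted for each listed character
     * @return string
     */
    private function strip_unwanted($data, $chars = '', $replacement = ' ')
    {
        $data  = (string) $data;
        $chars = (string) $chars;
        if ($chars === '') {
            return $data;
        }
        // Split into characters, not bytes, so multibyte entries work.
        $chars_array = preg_split('//u', $chars, -1, PREG_SPLIT_NO_EMPTY);
        if ($chars_array === false) {
            $chars_array = str_split($chars); // $chars is not valid UTF-8: byte-wise fallback
        }
        $map = array_fill_keys($chars_array, (string) $replacement);
        return strtr($data, $map);
    }

    /**
     * Applies the enabled cleaning steps in order: size limit, quote escaping,
     * HTML entity encoding, unwanted-character replacement.
     *
     * @param mixed       $data        input value (cast to string)
     * @param bool|int    $size        false/0 to skip; true for the default limit of 50;
     *                                 a positive int to use that limit
     * @param bool        $escape      run addslashes() (see escape_quotes() caveat)
     * @param mixed       $esctype     currently unused, kept for existing callers
     * @param bool        $htmlent     run htmlentities()
     * @param int|string  $htmltype    ENT_* flag or its name, see html_ent(); null means ENT_QUOTES
     * @param string|null $unwanted    characters to replace; ''/null/false skips the step
     * @param string      $replacement replacement for each unwanted character
     * @return string the cleaned value
     */
    public function clean_data($data, $size, $escape, $esctype, $htmlent, $htmltype, $unwanted, $replacement)
    {
        $data = (string) $data;

        if ($size) {
            // true keeps the historical default of 50; an explicit int is honoured.
            $length = (is_int($size) && $size > 0) ? $size : 50;
            $data = $this->size_input($data, $length);
        }

        if ($escape) {
            $data = $this->escape_quotes($data, $esctype);
        }

        if ($htmlent) {
            $data = $this->html_ent($data, $htmltype);
        }

        if (is_string($unwanted) && $unwanted !== '') {
            $data = $this->strip_unwanted($data, $unwanted, $replacement);
        }

        return $data;
    }
}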