PHP Sanitize Data

Question

I am new to the world of coding and PHP hence would like to learn what\'s the best way to sanitize form data to avoid malformed pages, code injections and the like. Is the s

Answer 1

That script has some nice functions but it doesn't do a good job at sanitizing!

Depending on what you need (and want to accept) you can use:

• abs() for positive numbers (note that it accepts floats also)

• preg_replace('/[^a-zA-Z0-9 .-]/','',$var) for cleaning out any special characters from strings or preg_replace('/\D/','',$var) to remove all non-digit characters

• ctype_* functions eg. ctype_digit($var)

• filter_var() and filter_input() functions

• type-cast eg. (int)$_GET['id']

• convert eg. $id=$_GET['id']+0;