php sanitize input sql injection code example

Example 1: php clean user input

<?php
    function cleanUserInput($userinput) {
  
  		// Open your database connection
      	$dbConnection = databaseConnect();
  
  		// check if input is empty
        if (empty($userinput)) {
          return;
        } else {
          
        // Strip any html characters
        $userinput = htmlspecialchars($userinput);
        
		// Clean input using the database  
        $userinput = mysqli_real_escape_string($dbConnection, $userinput);
        }
       
  	  // Return a cleaned string
      return $userinput;
    }
?>

Example 2: sanitize user input php

<?php
function sanitize($string) {
	return addslashes(htmlspecialchars($string));
}
?>

Tags:

Php Example