PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
// Unfinished filter function.
function filter($input, $type) {
// First clear the input of any HTML entities
$input = htmlspecialchars($input, ENT_QUOTES);
echo $input;
// Separate possible other "types"
$type = explode("-", $type);
// Now that the input is cleared as safe check it for content.
// Is the input an integer?
if ($type[0] == 'integer') {
// The number MUST be a number.
// Check it
if($input == '0' || is_int($input) == true) {
// The number is either 0 or another integer. Its cleared.
return $input;
}
} elseif ($type[0] == 'text') {
// Check if the input is text.
// Keep any \n's that could have been previously made.
$input = str_replace("\n", "\n<br />\n", $input);
return $input;
}
}
This will simply return the original string unaltered. Even if it has quotes in it.
It displays it in a broken down form then but the only problem is when I try to insert that into a mysql database it still comes up with errors from quotes.