Code: Select all
function cleanData( $value )
{
$trim_value = trim($value);
if( get_magic_quotes_gpc() )
{
$trim_value = stripslashes( $trim_value );
}
if( function_exists( "mysql_real_escape_string" ) )
{
$trim_value = mysql_real_escape_string( $trim_value );
}
else
{
$trim_value = addslashes( $trim_value );
}
return $trim_value;
}
//usage
$name = cleanData($_POST['name']);
$id = cleanData($_POST['id']);