Any difference in these sanitizing methods?
Posted: Tue Jul 29, 2008 10:55 am
I got this from the book I'm reading PHP Solutions:
The page source page has an include for this page and then it calls the function.
The second way was some code offered to me through the WD mailing list:
I don't know enough to know if either method is better or worse but since I see different code I have to ask. I, of course, want to use the better method... If there is one.
Thanks,
Code: Select all
<?php
function nukeMagicQuotes() {
if (get_magic_quotes_gpc()) {
function stripslashes_deep($value) {
$value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
return $value;
}
$_POST = array_map('stripslashes_deep', $_POST);
$_GET = array_map('stripslashes_deep', $_GET);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
}
}
?>The second way was some code offered to me through the WD mailing list:
Code: Select all
// Initialize $input alias:
$input = array();
// Clean all input:
if(ini_get('magic_quotes_gpc')) {
foreach($_POST as $k => $v) {
$input[$k] = trim(strip_tags(stripslashes($v)));
}
} else {
foreach($_POST as $k => $v) {
$input[$k] = trim(strip_tags($v));
}
}Thanks,