Sanitizing Variables in PHP without Regular Expressions

I have a tough time learning regular expressions and forget them easily within a short span of time. Although cheatsheets come to my rescue, while coding applications I try to stay away from regular expressions as much as possible. For those like me, here is a simple way to sanitize variables in PHP and avoid SQL injection.

Sanitizing the single quote (') from a variable

function sanitize_vars($content) {
    // Replace every single quote with an empty string
    return str_replace("'", "", $content);
}

The above function will remove all the single quotes found in the $content variable.

Sanitizing the double quotes (") from a variable

function sanitize_vars($content) {
    // Replace every double quote with an empty string
    return str_replace("\"", "", $content);
}

The above function will remove all the double quotes found in the $content variable.

Sanitizing empty spaces from a variable

function sanitize_vars($content) {
    // Replace every space character with an empty string
    return str_replace(" ", "", $content);
}

The above function will remove all the empty spaces found in the $content variable.

Sanitizing multiple symbols from a variable

function sanitize_vars($content) {
    // Remove each listed character; the second entry is the double quote
    return str_replace(
        array("'", "\"", " ", "$", "%", "@", "#", "^", "&", "*"),
        "",
        $content
    );
}

The above function will remove all the following symbols from the $content variable: single quotes, double quotes, spaces, $, %, @, #, ^, & and *.
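Removing characters does not cover every place a value can land in a query, and it alters legitimate values, so binding the value as a parameter is the more dependable control. The following is an added example, not code from the original post: it runs the post's single-quote filter beside a PDO prepared statement, assuming the pdo_sqlite extension and a constructed users table.

```php
<?php
// Added example, not from the original post. Assumes the pdo_sqlite extension;
// the users table, its rows and the inputs below are constructed sample data.
function sanitize_vars($content) {            // the post's single-quote filter
    return str_replace("'", "", $content);
}

function demo_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)");
    $db->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");
    return $db;
}

// Filter plus string concatenation: the value lands in an unquoted numeric
// slot, so whatever survives the filter is parsed as part of the SQL text.
function find_filtered(PDO $db, string $id): array {
    $sql = "SELECT name FROM users WHERE id = " . sanitize_vars($id);
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Prepared statement: the value is bound as data and never parsed as SQL.
function find_bound(PDO $db, string $id): array {
    $stmt = $db->prepare("SELECT name FROM users WHERE id = :id");
    $stmt->execute([':id' => $id]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Store a name through a bound parameter and read it back unchanged.
function store_bound(PDO $db, string $name): string {
    $stmt = $db->prepare("INSERT INTO users (name) VALUES (:name)");
    $stmt->execute([':name' => $name]);
    return find_bound($db, $db->lastInsertId())[0];
}

$db = demo_db();
$input = "1 OR 1=1";                          // constructed input, contains no quotes

echo "filtered + concatenated: ", count(find_filtered($db, $input)), " row(s)\n";
echo "bound parameter:         ", count(find_bound($db, $input)), " row(s)\n";
echo "filter on a real name:   ", sanitize_vars("O'Brien"), "\n";
echo "bound insert, read back: ", store_bound($db, "O'Brien"), "\n";
```

Comparing the two row counts and the two name outputs shows where the filter and the bound parameter differ.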

The author is a small business owner himself specialising in Web Development. He runs Insight Studios which offers specialized Web Development, SEO Services and PPC Management for Small Business and SME thus ensuring growth and prosperity using the power of social media.

© 2012 MyGeekPal. All rights reserved.