Sanitize input with FILTER_SANITIZE_STRING
Frage
I'm getting mad writing some code for sanitize the data which come from a form. In the form I have a input field named "sender_countryCode" that could only contains 2 or 3 text characters like USA, FR, EN, ... the following code should block everything different from a string but if i write "my text" in the field nothing pass the filter!
if (isset($_POST["sender_countryCode"])){
$var = $_POST["sender_countryCode"];
$var = stripslashes($var);
$var = htmlentities($var);
$var = strip_tags($var);
$var = filter_var($var, FILTER_SANITIZE_STRING);
$sender["countryCode"] = $var;
unset($var);
};
Lösung
This works :) ...sorry im abit late, but i saw it was not answered. Here is my solution.:
function maxLengthCheckUp($this) {
if ( strlen($this) <= 4){
return TRUE;
}
}
if (isset($_POST["sender_countryCode"])
&& !preg_match('/\s/',$_POST["sender_countryCode"])
&& maxLengthCheckUp($_POST["sender_countryCode"])) {
$var = $_POST["sender_countryCode"];
$var = stripslashes($var);
$var = htmlentities($var);
$var = strip_tags($var);
$var = filter_var($var, FILTER_SANITIZE_STRING);
$sender["countryCode"] = $var;
echo $sender["countryCode"];
unset($var, $sender);
};//end of if(...
CREATE YOUR FORM WITH THE FOLLOWING ELEMENTS:
<input type="text" name="sender_countryCode" id="sender_countryCode" />
<input type="submit" name="Submit" id="Submit" value="Submit" />
submit your form...creating a normal form....just use my php code above. Try it out :)
Lizenziert unter: CC-BY-SA mit Zuschreibung
Nicht verbunden mit StackOverflow