Added inputSantize function to trim SQL escape and Strip Tags when string enter the database and to tidy up the code

2026-02-28 02:44:53 +00:00 · 2023-02-16 14:38:23 -05:00
parent b08aa6b264
commit dc80894dd9
3 changed files with 40 additions and 24 deletions
--- a/functions.php
+++ b/functions.php
@@ -625,3 +625,18 @@ function checkFileUpload($file, $allowed_extensions)
    return md5(time() . $name) . '.' . $extension;

 }
+
+function sanitizeInput($input) {
+    global $mysqli;
+    // Remove white space from beginning and end of input
+    $input = trim($input);
+
+    // Remove HTML and PHP tags
+    $input = strip_tags($input);
+
+    // Escape special characters
+    $input = mysqli_real_escape_string($mysqli, $input);
+
+    // Return sanitized input
+    return $input;
+}