AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 19:04:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added inputSantize function to trim SQL escape and Strip Tags when string enter the database and to tidy up the code

Browse Source
This commit is contained in:
johnnyq
2023-02-16 14:38:23 -05:00
parent b08aa6b264
commit dc80894dd9
3 changed files with 40 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
models/contact.php
View File

@@ -1,16 +1,17 @@
<?php
$client_id = intval($_POST['client_id']);
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['name'])));
$title = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['title'])));
$department = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['department'])));
$name = sanitizeInput($_POST['name']);
$title = sanitizeInput($_POST['title']);
$department = sanitizeInput($_POST['department']);
$phone = preg_replace("/[^0-9]/", '',$_POST['phone']);
$extension = preg_replace("/[^0-9]/", '',$_POST['extension']);
$mobile = preg_replace("/[^0-9]/", '',$_POST['mobile']);
$email = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['email'])));
$email = sanitizeInput($_POST['email']);
$primary_contact = intval($_POST['primary_contact']);
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['notes'])));
$notes = sanitizeInput($_POST['notes']);
$contact_important = intval($_POST['contact_important']);
$contact_billing = intval($_POST['contact_billing']);
$contact_technical = intval($_POST['contact_technical']);
$location_id = intval($_POST['location']);
$auth_method = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['auth_method'])));
$auth_method = sanitizeInput($_POST['auth_method']);