/    Sign up×
Community /Pin to ProfileBookmark

Sanitation

Copy linkTweet thisAlerts:
Feb 05.2010

I have built a little form where people submit their name and email address, which will go into an Email List and I will email them upon the launch of the website…

Basically, I would like to know if this is sufficient to Sanatize the form inputs or should I go the route of creating a function clean_inputs() { FILTER_SANITIZE_EMAIL }

[code=php]
//grab the data
$name = trim(stripslashes($_POST[‘name’])) ;
$email = trim(stripslashes($_POST[’email’])) ;
$email2 = trim(stripslashes($_POST[’email2′])) ;
[/code]

to post a comment
PHP

5 Comments(s)

Copy linkTweet thisAlerts:
@MindzaiFeb 05.2010 — If you have PHP >=5.2, I would suggest filter_var_array with the FILTER_SANITIZE_EMAIL constant.
Copy linkTweet thisAlerts:
@Hooded_VillianauthorFeb 20.2010 — If you have PHP >=5.2, I would suggest filter_var_array with the FILTER_SANITIZE_EMAIL constant.[/QUOTE]

Hi there. I tried to create a function, like so ( It may look familiar :-) )
[code=php]
//sanatize and validate email function
function check_email($field)
{
$field=filter_var_array($field, FILTER_SANITIZE_EMAIL);

if(filter_var_array($field, FILTER_VALIDATE_EMAIL))
{
return TRUE;
}
else {
return FALSE;
}
}[/code]

Then I incorporated it in here...

[code=php]
if(!empty($name) && !empty($email) && !empty($email2))
{
$mailcheck = check_email($_POST['email']);

if ($mailcheck==FALSE)
{
echo "Invalid email address";
$output_form = true;
}
else
{
if($email == $email2)
{ $to = 'email';
$title = 'Launch Notification';
$msg = $name;
$from = 'me';[/code]

Yet it returns an email address like [email][email protected][/email] as invalid...

Why would this be the case? TIA...
Copy linkTweet thisAlerts:
@Hooded_VillianauthorFeb 20.2010 — Ok... I got it working, by changing filter_var_array to filter_var... Although, I am not sure why it worked. Anyone care to shed some light..?

I thank you... :-)
Copy linkTweet thisAlerts:
@criterion9Feb 20.2010 — filter_var_array loops through an array of values and performs your configured filters on each value. You were using a single value ($field) and so needed to use the singular form filter_var (check out example #1 on this one).
Copy linkTweet thisAlerts:
@Hooded_VillianauthorFeb 22.2010 — filter_var_array loops through an array of values and performs your configured filters on each value. You were using a single value ($field) and so needed to use the singular form filter_var (check out example #1 on this one).[/QUOTE]

Aaaaah... Ok. Shot alot.
×

Success!

Help @Hooded_Villian spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.18,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...