
Thursday, July 25, 2013

Sanitize Input Form

Sanitize Input Form

 
<?php
// Pull in the connection helpers. db_connect() is not defined in this listing
// (presumably it comes from connect.php). Its return value is stored in $conn,
// which nothing in this listing reads: the mysql_query() call in the form
// handler is made without an explicit link argument.
include 'connect.php';
$conn = db_connect();
 
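 /**
  * Remove script blocks, style blocks, HTML comments and any remaining tags
  * from a value before it is stored.
  *
  * This is markup stripping only. It does not escape quotes or backslashes,
  * so it offers no protection against SQL injection; values still have to be
  * bound or escaped for the database. Regex-based tag stripping is also not a
  * complete XSS defence, so stored values should still be encoded with
  * htmlspecialchars() (or the escaper for the relevant context) when output.
  *
  * @param string $input Raw text, typically a submitted form field.
  * @return string The text with markup removed, or '' if PCRE fails.
  */
 function cleanInput($input) {
  // preg_replace() applies an array of patterns in order. The element-specific
  // patterns must therefore run before the generic tag pattern; otherwise the
  // <style> and </style> tags are removed first and the CSS between them is
  // left behind in the output.
  $search = array(
   '@<script[^>]*?>.*?</script>@si',   // Script elements, including their content
   // No "U" modifier here: U inverts greediness, which would make ".*?" greedy
   // and delete everything between the first <style> and the last </style>.
   '@<style[^>]*?>.*?</style>@si',     // Style elements, including their content
   '@<![\s\S]*?--[ \t\n\r]*>@',        // Multi-line comments
   '@<[\/\!]*?[^<>]*?>@si'             // Any remaining HTML tags
  );
  $output = preg_replace($search, '', $input);
  // preg_replace() returns null when PCRE fails (for example on a backtrack
  // limit). Fail closed with an empty string instead of passing null on.
  return $output === null ? '' : $output;
 }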

?>
<?
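// Handle the "Add New!" form post: create one row in tbl_admin.
//
// NOTE(review): no authentication check or CSRF token is visible in this file.
// Confirm that this page is only reachable from an authenticated admin session
// before relying on it.
if(isset($_POST["submit"]))
{
 $rawUsername = isset($_POST["_username"]) ? $_POST["_username"] : null;
 $rawPassword = isset($_POST["_password"]) ? $_POST["_password"] : null;

 // Reject missing, empty or non-string fields. A field posted as an array
 // (name="_username[]") would otherwise reach md5() and the query builder.
 if (!is_string($rawUsername) || !is_string($rawPassword) || $rawUsername === '' || $rawPassword === '')
 {
  echo "username and password are required";
 }
 else
 {
  // cleanInput() only strips markup and leaves quotes untouched, so the value
  // must still be escaped for the SQL string literal it is placed in.
  // mysql_real_escape_string() uses the current connection, like the
  // mysql_query() call below. The escaping is charset-dependent, so confirm
  // that connect.php sets the connection charset.
  // NOTE(review): ext/mysql was removed in PHP 7. The durable fix is to move
  // this to mysqli or PDO with a prepared statement and bound parameters.
  $_username = mysql_real_escape_string(cleanInput($rawUsername));

  // NOTE(review): unsalted MD5 is not suitable for password storage. It is
  // left in place because the login code and column width are outside this
  // file. Migrate to password_hash() / password_verify() together with them.
  $_password = md5($rawPassword);  // hex digest, safe to place in the literal

  $sql_insert = "INSERT INTO tbl_admin(_username, _password) VALUES ('$_username', '$_password')";
  $result = mysql_query($sql_insert);
  if ($result === false)
  {
   // Keep the driver error in the server log, not in the page output.
   error_log('tbl_admin insert failed: ' . mysql_error());
   echo "record not saved";
  }
  else
  {
   echo "records save";
  }
 }
 //echo "<script>
 //   window.location='index.php';
 //    </script>";
 //
}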
?>
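<!-- Form for adding a user; the empty action posts back to this same page. -->
<div style="padding-left:50px; font-weight:bold; font-size:18px; margin-bottom:20px; color:#ffffff">
 ADD NEW Users
</div>
<form name="subjadd" action="" method="post">
 <table width="96%" border="0" cellspacing="3" cellpadding="4">
  <tr>
   <th>User name:</th>
   <td><input name="_username" type="text" size="40"></td>
  </tr>
  <tr>
   <th>Password</th>
   <!-- type="password" masks the value on screen; autocomplete="new-password"
        asks the browser not to pre-fill a saved credential. -->
   <td><input name="_password" type="password" size="40" autocomplete="new-password"></td>
  </tr>
  <tr>
   <th></th>
   <td>
    <input type="submit" name="submit" value="Add New!">
</td>
  </tr>
 </table>
</form>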
