A little confusion about security
#5

When saving data to the DB I use the following method:

Code:
public function strToDB($string) {
    if(is_array($string)) {
        foreach($string as $key => $value) {
            $string[$key] = $this->clean_string($value);
        }
        return $string;
    } else {
        $string = htmlspecialchars($string, ENT_QUOTES, "UTF-8");
        $string = mysql_real_escape_string($string);
        $string = str_replace('\r\n', PHP_EOL, $string);
        $string = str_replace('\n', PHP_EOL, $string);
        return $this->xss_clean($string);
    }
}
This method will convert special chars for saving in your DB.

When retrieving data from the DB I use the following method:
Code:
public function strFromDB($str) {
    if( is_string($str) ) {
        $str = trim(html_entity_decode($str, ENT_QUOTES, "UTF-8"));
        $str = stripslashes($str);
        return $str;

    } else {
        return $str;
    }
}

The method will reverse what the first method did, so that you can edit the data or print to screen.

Hope this can help you.
Reply
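
For comparison, the same save-and-read round trip with the string stored unchanged through a PDO bound parameter and encoded only when it is printed into HTML. This is an added example, not code from the post; it assumes the pdo_sqlite extension, and the `notes` table and the function names are hypothetical.

```php
<?php
// Added example, not the poster's code. Assumes the pdo_sqlite extension;
// the table "notes" and all function names are hypothetical.

function saveNote(PDO $db, string $body): int
{
    // Bound parameter: the driver keeps data separate from the SQL text, so
    // the string is stored as given, with no escaping or entity encoding.
    $stmt = $db->prepare('INSERT INTO notes (body) VALUES (:body)');
    $stmt->execute([':body' => $body]);
    return (int) $db->lastInsertId();
}

function loadNote(PDO $db, int $id): ?string
{
    $stmt = $db->prepare('SELECT body FROM notes WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $body = $stmt->fetchColumn();
    return $body === false ? null : $body;
}

function forHtml(string $value): string
{
    // Encode at the point of output, and only for the HTML context.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT NOT NULL)');

// Constructed sample input: quotes, markup and a line break.
$input = "O'Reilly said: <b>\"hi\"</b>\r\nsecond line";

$id     = saveNote($db, $input);
$stored = loadNote($db, $id);

// The value read back is compared with the value that was submitted.
var_dump($stored === $input);

// Printing to screen: markup in the data is displayed as text.
echo forHtml($stored), PHP_EOL;

// Edit form: the same encoding is applied when pre-filling the field.
printf('<textarea name="body">%s</textarea>' . PHP_EOL, forHtml($stored));
```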


Messages In This Thread
A little confusion about security - by Urastor - 09-06-2015, 12:37 PM
RE: A little confusion about security - by Martin7483 - 09-18-2015, 05:55 AM


