Now I am using the following function to secure my strings : function secure($data)

Question

0

Asked: June 8, 20262026-06-08T18:00:09+00:00 2026-06-08T18:00:09+00:00

Now I am using the following function to secure my strings : function secure($data)

0

Now I am using the following function to secure my strings :

  function secure($data)
  {
    $data = trim($data);
    $data = htmlspecialchars($data);
    $data = str_replace("'", '"', $data);
    $search = array(chr(0xC2).chr(0xA0),chr(0xC2).chr(0x90),
                              chr(0xC2).chr(0x9D),chr(0xC2).chr(0x81),
                              chr(0xC2).chr(0x8D),chr(0xC2).chr(0x8F),
                              chr(0xC2).chr(0xAD),chr(0xAD));
    $data = str_replace($search, "", $data);
    return $data;
  }

Will this function be enought to secure strings?

Which methods will you use to secure your strings to insert into MySQL and to prevent bugs such as XSS in HTML page?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-08T18:00:11+00:00

Editorial Team

2026-06-08T18:00:11+00:00Added an answer on June 8, 2026 at 6:00 pm

By saying ‘Secure my strings’ I am assuming you mean for output?

For DB output (which includes varaibles used in SELECT queries), use *_escape_string functions or even better use prepared statements with PDO objects.

For html output you should use htmlentities rather than htmlspecialchars

Additionally if running shell commands from input use escapeshellarg and escapeshellcmd

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Now I am using the following function to secure my strings : function secure($data)

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply