Filtering < form > input with php

What I am doing on this page

Here I am testing the different php filters that can be used when entereing datra from a form into the database. What youcan do is create your own string or use my test on below and enter into the fields next to the filter variable to see what the out put loks like. First you will see the passed information show up in a table and below that you will see the information after the filter processed the information.

I usally start of my filters with an IF statment that checks to see if there is any information to filter. If there is nothing to filter it skips the filtering for that variable and moves on to the next variable. Here is an example script

Example

IF($_POST['var'] != NULL) { $var = trim($_POST['var']); $var = strip_tags($var); $var = mysqli_real_escape_string($cxn, $var); }

Testing Area

Here is a test string that you can use or create your own.
<xmp><span>Hello World!</span> SELECT * FROM table WHERE '1' = "1" + - / * \r , \n DROP !@#$%^&*()</xmp>

VariableToTest :		- filter_var($_POST['var1'], FILTER_SANITIZE_STRING)
VariableToTest :		- filter_var($var2, FILTER_SANITIZE_MAGIC_QUOTES)
VariableToTest :		- filter_var($var2, FILTER_SANITIZE_NUMBER_INT)
VariableToTest :		- filter_var($var2, FILTER_SANITIZE_EMAIL)
VariableToTest :		- filter_var($var2, FILTER_SANITIZE_SPECIAL_CHARS)
VariableToTest :		- mysqli_real_escape_string($cxn, $var4);
VariableToTest :		- htmlspecialchars ($var5);
VariableToTest :		- strip_tags($var8)
VariableToTest :		- trim($var9)

Tony's Playground!

Filtering < form > input with php

What I am doing on this page

Example

Testing Area