strip_tags and any other don't work in the function

<?php

class Database {

public function protect($data){
		
		$data = trim($data);
		$data = stripslashes($data);
		$data = strip_tags($data);
		$data = mysql_real_escape_string($data);
		return $data;
	}

}

$database = new Database();
$txt = '<strong>\\\Test///</strong>';
$txt = $database->protect($txt);
echo $txt;

And output have a tag, slashes and all with zero errors.
I try and different way to structure the function:

public function protect($data){ trim($data); stripslashes($data); strip_tags($data); mysql_real_escape_string($data); return $data; }

But the output is the same :(
Where is my wrong?
If anyone know more good way to secure the mysql let share. Thanks for all ideas

gorleone

Newbie Poster

13 posts since Aug 2011

Reputation Points: 10

Solved Threads: 0

6 Months Ago

Show Comments

If anyone know more good way to secure the mysql let share. Thanks for all ideas

Use PDO.

As a quick debug:

public function protect($data){
		$data = trim($data);
                echo "TRIM: $data";
		$data = stripslashes($data);
                echo "SSLASH: $data";
		$data = strip_tags($data);
		echo "STAGS: $data";
                $data = mysql_real_escape_string($data);
		echo "MRES: $data";
                return $data; 
}

diafol

Rhod Gilbert Fan (ardav)

Moderator

7,796 posts since Oct 2006

Reputation Points: 1,170

Solved Threads: 1,080

This article has been dead for over three months

You