<?php
class Database {
public function protect($data){
$data = trim($data);
$data = stripslashes($data);
$data = strip_tags($data);
$data = mysql_real_escape_string($data);
return $data;
}
}
$database = new Database();
$txt = '<strong>\\\Test///</strong>';
$txt = $database->protect($txt);
echo $txt;
And output have a <strong> tag, slashes and all with zero errors.
I try and different way to structure the function:
public function protect($data){
trim($data);
stripslashes($data);
strip_tags($data);
mysql_real_escape_string($data);
return $data;
}
But the output is the same :(
Where is my wrong?
If anyone know more good way to secure the mysql let share. Thanks for all ideas