PHP clean() Function

Well, I have one, but all it seems to do is unset the variable.
Code:

PHP Code:

---

function clean($var){
$var = mysql_real_escape_string($var);
$var = stripslashes($var);
$var = htmlentities($var);
return $var;
} 


---

I already have searched for one, but there aren't any.
I know someone on here had one before, anyone know where it is?

i always just use

PHP Code:

---

function clean($str)
{
$str = strip_tags(addslashes(stripslashes(htmlspecialchars($str))));
return $str;
} 


---

PHP Code:

---

function clean($var){
$var = mysql_real_escape_string($var);
$var = stripslashes($var);
$var = htmlentities($var);
return $var;
} 


---

What i don't get it why you've used mysql_real_escape_string which adds a \ before each " or ' then you've used stripslashes that's just gonna undo that?
try..

PHP Code:

---

function clean($str)
{
$str = mysql_real_escape_string($str);
$str = htmlspecialchars($str);
$str = strip_tags($str);
return($str);
} 


---

That should work..

in case of magic quotes?

Quote:

---

Originally Posted by MrCraig

i always just use

PHP Code:

---

function clean($str)
{
$str = strip_tags(addslashes(stripslashes(htmlspecialchars($str))));
return $str;
} 


---

---

Why do you add slashes then remove them!??!!?! Bit pointless.

addslashes - Should be used when inserting data into MySQL as it prevents ' characters.
stripslashes - Should be used on output. Stripslashes removes the effects of addslashes when outputting onto a page
htmlentities - Should be used on page output to deactivate HTML therefore if you want to use the html on some pages it is avaliable.