PHP clean() Function

[lolwut]

Well, I have one, but all it seems to do is unset the variable.
Code:

PHP Code:

function clean($var){
$var = mysql_real_escape_string($var);
$var = stripslashes($var);
$var = htmlentities($var);
return $var;
} 


I already have searched for one, but there aren't any.
I know someone on here had one before, anyone know where it is?

[MrCraig]

i always just use

PHP Code:

function clean($str)
{
$str = strip_tags(addslashes(stripslashes(htmlspecialchars($str))));
return $str;
} 


[Jme]

PHP Code:

function clean($var){
$var = mysql_real_escape_string($var);
$var = stripslashes($var);
$var = htmlentities($var);
return $var;
} 


What i don't get it why you've used mysql_real_escape_string which adds a \ before each " or ' then you've used stripslashes that's just gonna undo that?
try..

PHP Code:

function clean($str)
{
$str = mysql_real_escape_string($str);
$str = htmlspecialchars($str);
$str = strip_tags($str);
return($str);
} 


That should work..

[MrCraig]

in case of magic quotes?

[Florx]

i always just use

PHP Code:

function clean($str)
{
$str = strip_tags(addslashes(stripslashes(htmlspecialchars($str))));
return $str;
} 


Why do you add slashes then remove them!??!!?! Bit pointless.

[Baving]

addslashes - Should be used when inserting data into MySQL as it prevents ' characters.
stripslashes - Should be used on output. Stripslashes removes the effects of addslashes when outputting onto a page
htmlentities - Should be used on page output to deactivate HTML therefore if you want to use the html on some pages it is avaliable.