- is_numeric: documentation ( source)
- urldecode: documentation ( source)
- get_magic_quotes_gpc: documentation ( source)
<?php
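/**
 * Prepare a request value for use inside a MySQL statement.
 *
 * The value is URL-decoded, then returned unchanged when is_numeric()
 * accepts it, and escaped with mysql_real_escape_string() otherwise.
 *
 * Security notes:
 *  - Escaping only protects a value the caller places inside a quoted SQL
 *    string literal. Prepared statements with bound parameters (PDO or
 *    mysqli) are the preferred replacement for this helper.
 *  - is_numeric() accepts more than plain decimal integers: fractional and
 *    exponent forms, leading whitespace, and hexadecimal strings on PHP
 *    versions before 7.0. Where a number is expected in an unquoted
 *    position, cast with (int) or (float) at the call site.
 *  - PHP already URL-decodes $_GET / $_POST / $_COOKIE values, so the
 *    urldecode() below is a second decoding pass. It is kept for backward
 *    compatibility; escaping must therefore always happen after it.
 *  - mysql_real_escape_string() needs an open ext/mysql connection and was
 *    removed in PHP 7.0.
 *
 * @param string $data Raw value, presumably taken from the request.
 * @return string Decoded value, escaped unless is_numeric() accepted it.
 * @throws RuntimeException When no escaping function is available; the
 *                          value is never returned unescaped in that case.
 */
function sql($data)
{
    // get_magic_quotes_gpc() was removed in PHP 8.0; calling it unguarded is a fatal error there.
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

    if ($magicQuotes) {
        // Undo the automatic addslashes() so the value is escaped exactly once, below.
        $data = stripslashes($data);
    }

    $data = urldecode($data);

    if (is_numeric($data)) {
        return $data;
    }

    // The original skipped escaping when magic quotes were on, but the
    // urldecode() above runs after magic quotes did its work, so characters
    // produced by the second decoding pass were returned unescaped. Escape
    // on every non-numeric path instead.
    if (!function_exists('mysql_real_escape_string')) {
        // Fail closed rather than hand back an unescaped string.
        throw new RuntimeException(
            'sql(): mysql_real_escape_string() is unavailable; use prepared statements instead.'
        );
    }

    return mysql_real_escape_string($data);
}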
// Demo call: pass a sample literal through sql() and write the result to the output.
echo sql('toto');
?>