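<?php
//=====================================================================================
// Reduce a submitted value to plain display text.
//
// Despite the name, this is NOT a SQL-injection defence. Nothing here escapes a value
// for a SQL statement: the original only carried a commented-out
// mysql_real_escape_string() call, and the mysql_* functions were removed in PHP 7.0.
// The character filtering in clean_html() merely mangles the text, and the result is
// HTML-entity encoded, which is an output encoding for HTML pages and means nothing to
// a database. Values that go into a query must be bound as parameters of a prepared
// statement (PDO or mysqli) at the point where the query is built.
//
// $value   raw text, e.g. a submitted form field
// returns  the text with markup removed, some punctuation replaced by spaces, and
//          HTML special characters entity-encoded
function makeSafe($value){
    $value = clean_html($value);
    // clean_html() replaces every '<' and '>' with a space, so strip_tags() should
    // find no tags left; the call is kept as in the original, after trimming.
    $value = strip_tags(trim($value));
    return $value;
}

//=====================================================================================
//Clean out html code. From html2txt() in http://us2.php.net/manual/en/function.strip-tags.php
//
// $document  text that may contain HTML
// returns    the text without script/style elements, tags and comments, with a fixed
//            set of punctuation characters replaced or collapsed, then HTML-encoded
//
// The result is encoded for HTML text and quoted attribute values only. It is not
// suitable for SQL, shell, URL or JavaScript contexts; each of those needs its own
// encoding or parameter binding where the value is used.
function clean_html($document){
    // preg_replace() applies the patterns in order, each to the result of the previous
    // one. The style pattern therefore has to run before the generic tag pattern:
    // otherwise the <style> tags are already gone when it runs and the CSS between
    // them is left behind as text. The 'U' modifier was dropped from the style pattern
    // because it inverts greediness and turned '.*?' greedy, which removed everything
    // between the first <style> and the last </style>.
    $search = array(
        '@<script[^>]*?>.*?</script>@si',   // Strip out javascript
        '@<style[^>]*?>.*?</style>@si',     // Strip style elements with their content
        '@<[\/\!]*?[^<>]*?>@si',            // Strip out HTML tags
        '@<![\s\S]*?--[ \t\n\r]*>@'         // Strip multi-line comments including CDATA
    );

    //Replace any of the patterns listed above
    $text = preg_replace($search, '', $document);

    //Replace or remove any illegal characters
    $text = preg_replace('/;/', ' ', $text); //semicolons
    $text = preg_replace('/"/', "'", $text); //double quotations
    $text = preg_replace('/[\%\?\*]/', ' ', $text); //wildcards
    $text = preg_replace('/[\:\`\$\/\\\=\~\<\>\|\!\^]/', ' ', $text); //other unneeded symbols
    $text = preg_replace('/[-]{2,}/', '-', $text); //more than 1 dash in a row
    $text = preg_replace("/[\']{2,}/", "'", $text); //more than 1 single quotation in a row
    $text = preg_replace("/[\&]{2,}/", '&', $text); //more than 1 ampersand in a row
    $text = preg_replace("/[ ]{2,}/", ' ', $text); //more than 1 space in a row

    //And replace any leftover special characters.
    //With these flags htmlspecialchars() returns '' when $text is not valid UTF-8.
    $text = htmlspecialchars($text, ENT_QUOTES, 'UTF-8');

    //Return the value
    return $text;
}

// Sample input: what looks like a print_r() dump of a feedback form whose text field
// carries a SQL-injection style string. The output shows the string altered and
// entity-encoded, not escaped for SQL.
$mystring = " Validating data... Done validating... test 123............stdClass Object ( [feedback_text] => Array ( [text] => Robert'); DROP TABLE Stftudents;--' ? 
Mom [format] => 1 ) [name] => connor - admin, 2 - john [email] => rcooper@c2ti.com [submitbutton] => Submit Feedback [text_len] => 41 )";
$mystring2 = makeSafe($mystring);
echo $mystring2;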
Output for 5.4.2 - 5.4.45, 5.5.24 - 5.5.35, 5.6.8 - 5.6.28, 7.0.0 - 7.0.20, 7.1.0 - 7.1.10, 7.2.0 - 7.2.33, 7.3.16 - 7.3.33, 7.4.0 - 7.4.33, 8.0.0 - 8.0.30, 8.1.0 - 8.1.28, 8.2.0 - 8.2.18, 8.3.0 - 8.3.6
Validating data... Done validating... test 123............stdClass Object ( [feedback_text] Array ( [text] Robert&#039;) DROP TABLE Stftudents -&#039; Mom [format] 1 ) [name] connor - admin, 2 - john [email] rcooper@c2ti.com [submitbutton] Submit Feedback [text_len] 41 )
