Re: Filtering and Escaping (Was: Select and $_POST)

On 11/14/05 3:38 PM, Richard Lynch wrote:
Perhaps one should use:
$_ICLEAN
$_OCLEAN
for Input and Output.

$kosher = '/[^A-Za-z0-9\',\\.-]/';
$_ICLEAN['first_name'] = preg_replace($kosher, '', $_GET['first_name']);
/* more code */
$_OCLEAN['first_name'] = htmlentities($_ICLEAN['first_name']);
echo "<p>$_OCLEAN[first_name] is way smarter than me.</p>\n";

If you had anything other than $_OCLEAN in an echo and friends, then
you would know you were screwing up.

I don't like $_OCLEAN primarily because I like Chris's suggestion of using an output array that is named according to where the data is going, so $url, $sql, $html, etc. But, with that in mind, it wouldn't be too hard to use $_OCLEAN['url'], $_OCLEAN['sql'], and $_OCLEAN['html'] as arrays within the $_OCLEAN array.

--
Ben Ramsey
http://benramsey.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
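
The per-destination layout suggested in the message above, as an added example that is not part of the original post. The input value, the `/profile.php` path, the `users` table and the in-memory SQLite connection (which needs the `pdo_sqlite` extension) are assumptions made for illustration.

```php
<?php
// Added example, not code from the thread. Constructed input:
$_GET['first_name'] = "O'Brien<>&";

// Filter input with the allowlist from the quoted message:
// letters, digits, apostrophe, comma, period and hyphen survive.
$kosher = '/[^A-Za-z0-9\',\\.-]/';
$_ICLEAN = [];
$_ICLEAN['first_name'] = preg_replace($kosher, '', $_GET['first_name']);

// The apostrophe passes the filter, yet it is significant in HTML
// attributes and in SQL string literals. Filtering alone is therefore
// not enough: each destination needs its own escaping.
$_OCLEAN = ['html' => [], 'url' => [], 'sql' => []];

// HTML context: ENT_QUOTES also encodes the single quote.
$_OCLEAN['html']['first_name'] =
    htmlentities($_ICLEAN['first_name'], ENT_QUOTES, 'UTF-8');

// URL context: percent-encode the value as a query-string component.
$_OCLEAN['url']['first_name'] = rawurlencode($_ICLEAN['first_name']);

// SQL context: the driver quotes and escapes the literal.
// (Hypothetical connection; bound parameters are the usual alternative.)
$pdo = new PDO('sqlite::memory:');
$_OCLEAN['sql']['first_name'] = $pdo->quote($_ICLEAN['first_name']);

// Each sink reads only from the sub-array named after its context, so a
// value pulled from the wrong sub-array is visible at a glance.
echo "<p>{$_OCLEAN['html']['first_name']} is way smarter than me.</p>\n";
echo "<a href=\"/profile.php?name={$_OCLEAN['url']['first_name']}\">profile</a>\n";
echo "SELECT id FROM users WHERE first_name = {$_OCLEAN['sql']['first_name']}\n";
```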

