Cleansed, folded and manipulated.
October 3, 2012 8:28 AM Subscribe
Beginner at PHP: Inserting form data into MySQL. I need to strip special characters out, for security and MySQL compatibility, but the options are overwhelming me and I've spent far longer on this issue than the whole project so far.
posted by dozo to Computers & Internet (9 answers total) 1 user marked this as a favorite
I'm attempting to write a small web app that will take maintenance and IT service requests, distribute them to the proper people and organize them in a way that makes sense to us (I've looked for a suitable solution that is already built but they all have problems that make them not work for us).
The data for the requests is placed into an array and then inserted via INSERT to the database. I know that I need to sanitize the input to keep bad people out and also to keep MySQL from throwing errors, but I've found that this is a surprisingly difficult and vast subject when starting with PHP. I've tried SEVERAL options but as I am a novice, the errors I keep getting are not easily sussed out without a more experienced someone to bounce things off of and I haven't been able to make it work by reading random bits on the web. Can someone help explain what I would need to include for a simple $_POST array to be cleansed and for it to be made human readable when retrieved and displayed in a list (i.e. apostrophes, slashes, etc back to their proper spots)?
Extra points for a good beginner's forum that doesn't mind these sort of elementary questions? I've had a hard time finding people that will be bothered with a neophyte without smothering said neophyte with stuff that requires more advanced knowledge.