Can't make SANITIZE work

  1. #1
    Silver surfer
    Join Date
    Nov 2007
    Posts
    78

    Can't make SANITIZE work

    I can get VALIDATE to work, but SANITIZE is sending me crazy. I test it with an unacceptable email address but it enters the address into the database table warts and all. Please can you spot what I am doing wrong?

    if (isset($_POST['email'])) {
        $etrim = trim($_POST['email']);
    }
    if (filter_var($etrim, FILTER_SANITIZE_EMAIL)) {
        $e = mysqli_real_escape_string($dbcon, $etrim);
    } else {
        $errors[] = 'You forgot to enter your email address.';
    }

  2. #2
    Pedantic Curmudgeon Weedpacket's Avatar
    Join Date
    Aug 2002
    Location
    General Systems Vehicle "Thrilled To Be Here"
    Posts
    21,854
    The SANITIZE filters return the sanitised values. You're not using the sanitised value, only checking that it exists. You're still using the original value.

    See the usage examples in the manual, particularly the third part of Example 1.
    Last edited by Weedpacket; 10-28-2012 at 08:02 AM.

  3. #3
    Silver surfer
    Join Date
    Nov 2007
    Posts
    78
    Many thanks, Weedpacket. I see now that I was not sanitizing the email address. It now works fine.

  4. #4
    Pna lbh ernq guvf¿
    Join Date
    Jul 2004
    Location
    Kansas City area
    Posts
    19,410
    Also note that, in my opinion, using the SANITIZE filter for e-mail addresses makes absolutely no sense. When a user gives you his/her e-mail address, it's either the exact address or it's an incorrect one. "Sanitising" the address given by potentially removing one or more characters means you're no longer using the address the user specified, so why should you expect messages sent to that newly created address to reach the user?
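
The points made in the two replies above, as an added example that is not code from the thread: the sanitize filter returns a new string rather than a pass/fail result, and a sanitized address that differs from what the user typed is treated as an error instead of being stored. The helper name `check_email`, the two extra error messages and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example (not from the thread). Inputs below are constructed samples.

/**
 * Hypothetical helper: returns [clean address or null, error message or null].
 */
function check_email(?string $raw): array
{
    $trimmed = trim((string) $raw);
    if ($trimmed === '') {
        return [null, 'You forgot to enter your email address.'];
    }

    // FILTER_SANITIZE_EMAIL returns a NEW string with disallowed characters
    // removed; it does not modify $trimmed and it is not a pass/fail test.
    $sanitized = filter_var($trimmed, FILTER_SANITIZE_EMAIL);

    // If anything was stripped, the result is no longer the address the user
    // typed, so reject it instead of silently storing a different address.
    if ($sanitized !== $trimmed) {
        return [null, 'The email address contains characters that are not allowed.'];
    }

    // FILTER_VALIDATE_EMAIL returns the address on success, false on failure.
    if (filter_var($sanitized, FILTER_VALIDATE_EMAIL) === false) {
        return [null, 'The email address is not valid.'];
    }

    return [$sanitized, null];
}

$samples = ['  alice@example.com ', 'bob(comment)@example.com', 'not-an-address', ''];
foreach ($samples as $raw) {
    [$email, $error] = check_email($raw);
    // The original post's test: a non-empty sanitized string is truthy,
    // so that branch is taken even for bad input.
    $truthy = (bool) filter_var(trim($raw), FILTER_SANITIZE_EMAIL);
    printf("%-28s truthy-check=%s result=%s\n",
        var_export($raw, true),
        $truthy ? 'pass' : 'fail',
        $email ?? "rejected: $error");
}
```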

  5. #5
    Silver surfer
    Join Date
    Nov 2007
    Posts
    78

    Can't make sanitization work

    I completely agree, bradgrafelman; my original question was entirely academic, i.e. how to make sanitization work. Unfortunately I chose a poor example.
    Thanks for your prompt comment.
