clean all mysql results

ashley98860615

So i've gone from preventing sql injections to wanting to make sure everything comes out nice and safely..?

I had a few thoughts:

a global function to clean results (is it needed, how where when?)
my config file that connects to the db, how do i protect it? (using PHP_SELF?, tried this on a few files and it kicked back an error, or using define('IS1024') and then checking this is true - is this any good?)
do i really need to make sure stuff is clean/safe on the way out of the db?
if so, can i clean arrays in one go?

edit:
- also logging people out after a set time for the admin area?
- also what about this 'remember me' stuff - cookies? i'm using $_SESSION['loggedin'] = true; at the moment

thanks, any ideas please

thorpe

Why would you need to clean (whatever you meen by that) results on the way out of a database? All you really need do is format there output so they look appealing. Hence html.

As for protecting your config file. Just make sure it has the .php extension and doesn't output any text. Of course, if you can, keep it outside your website root for added safety.

Sessions are automatically distroyed (users logged out) after a certain amount of time. default is 20mins i think.

Remember me = cookies.