Hi,

function Safe_String($Str_Input, $Str_Type= 'all', $Str_Charset= 'ISO-8859-1', $Bln_HTMLEntities= false, $Bln_SubStr= false, $Lng_MaximumLength= 0)
{

	switch(strtolower($Str_Type)):
	case 'english':
	case 'e': $Str_Input= preg_replace('/[^a-zA-Z]/i', '', &$Str_Input);
	break;

	case 'integer':
	case 'i': $Str_Input= preg_replace('/[^0-9+-]/i', '', &$Str_Input);
	break;

	case 'number':
	case 'n': $Str_Input= preg_replace('/[^0-9+.\/-]/i', '', &$Str_Input);
	break;

	case 'englishinteger':
	case 'ei': $Str_Input= preg_replace('/[^a-zA-Z0-9+-]/i', '', &$Str_Input);
	break;

	case 'englishnumber':
	case 'en': $Str_Input= preg_replace('/[^a-zA-Z0-9+.\/-]/i', '', &$Str_Input);
	break;

	case 'electronicmail':
	case 'em': $Str_Input= preg_replace('/[^a-zA-Z0-9@_.-]/i', '', &$Str_Input);
	break;

	case 'file':
	case 'f': $Str_Input= preg_replace('/[^a-zA-Z0-9+_.-]/i', '', &$Str_Input);
	break;

	case 'phone':
	case 'ph': $Str_Input= preg_replace('/[^0-9+]/i', '', &$Str_Input);
	break;

	case 'internetprotocol':
	case 'ip': $Str_Input= preg_replace('/[^0-9.:]/i', '', &$Str_Input);
	break;
	endswitch;

if($Bln_SubStr): $Str_Input= mb_substr(&$Str_Input, 0, &$Lng_MaximumLength, &$Str_Charset);
endif;
if($Bln_HTMLEntities): $Str_Input= htmlentities(&$Str_Input, ENT_COMPAT, &$Str_Charset);
endif;
unset($Bln_HTMLEntities, $Bln_SubStr);
return($Str_Input); 
}

function Safe_SQL($Str_Input)
{

if(get_magic_quotes_gpc()): function_exists('mysql_real_escape_string') ? stripslashes(mysql_real_escape_string(&$Str_Input)) : stripslashes(mysql_escape_string(&$Str_Input));
else: function_exists('mysql_real_escape_string') ? addslashes(mysql_real_escape_string(&$Str_Input)) : addslashes(mysql_escape_string(&$Str_Input));
endif;

return($Str_Input);
}

Goodluck. ;-)

    I wonder why you bother to unset 2 particular variables at the end of Safe_String? The PHP runtime will delete the entire symbol table for the function once it has returned, which effectively frees any locally defined variables.

      Write a Reply...