{"id":3405,"date":"2014-06-24T22:10:47","date_gmt":"2014-06-24T22:10:47","guid":{"rendered":"http:\/\/webninjataylor.com\/library\/?p=3405"},"modified":"2014-06-24T22:10:47","modified_gmt":"2014-06-24T22:10:47","slug":"php-sanitize-input","status":"publish","type":"post","link":"https:\/\/webninjataylor.com\/library\/php-sanitize-input\/","title":{"rendered":"PHP Sanitize Input"},"content":{"rendered":"
<?php\r\n    \/\/Initialize an empty array for storing filtered, escaped input\r\n    $clean = array();\r\n    \/\/Wash Basic Input Fields\r\n    function washnormal(){\r\n        \/\/Use the global $clean array\r\n        global $clean;\r\n        \/\/Loop through the fields passed to the function\r\n        for ($i = 0; $i < func_num_args(); $i++){\r\n            $item = func_get_arg($i);\r\n            \/\/Regular expression matching for lowercase letters, uppercase letters, digits, periods, commas, and dashes\r\n            if(preg_match(\"\/^[a-zA-Z0-9 \\.\\,\\-]*$\/\", $_POST[$item])){\r\n                \/\/htmlentities escapes the output (ex. <b>BOLD<\/b> vs. BOLD)\r\n                $clean[$item] = htmlentities($_POST[$item], ENT_QUOTES, 'UTF-8');\r\n            }\r\n        }\r\n    }\r\n\r\n    \/\/Wash State and Zip Code\r\n    function washgentle($state, $zip){\r\n        \/\/Use the global $clean array\r\n        global $clean;\r\n        \/\/Regular expression matching for 5 digits, a possible dash, and possible 4 digits\r\n        if(preg_match(\"\/^[0-9]{5}[\\-]?[0-9]{0,4}$\/\", $_POST[$zip])){\r\n            $clean[$zip] = htmlentities($_POST[$zip], ENT_QUOTES, 'UTF-8');\r\n        }\r\n        \/\/PHP native function for checking for alpha characters only (faster than custom regular expressions)\r\n        if(ctype_alpha($_POST[$state])){\r\n            $clean[$state] = htmlentities($_POST[$state], ENT_QUOTES, 'UTF-8');\r\n        }\r\n    }\r\n    \/\/Laundry (call the sanitizing functions, passing in the posted field data to be cleaned)\r\n    washnormal('callLetters', 'location', 'manager', 'address', 'city', 'npr', 'method', 'agree');\r\n    washgentle('state', 'zip');\r\n\r\n    \/\/Reject Suspect Data (if the sanitization failed, the $clean array variable will not be populated, so reject the data\r\n    if(($clean['callLetters'] == null)||($clean['location'] == null)||($clean['manager'] == null)||($clean['address'] == null)||($clean['city'] == null)||($clean['state'] == null)||($clean['zip'] == null)||($clean['npr'] == null)||($clean['method'] == null)||($_POST['agree'] != 'I Agree')){\r\n        header(\"Location: http:\/\/www.nrao.edu\/cosmicradio\/test.php\");\r\n    } else {\r\n        \/\/If all the data passed sanitization, continue submitting the data\r\n        echo \"Thanks, <strong>\" . $clean['manager'] . \"<\/strong>. Your zip code is \" . $clean['zip'] . \".\";\r\n        $to = 'email@domain.abc';\r\n        $subject = \"Test Sanitize\";\r\n        $message = \"Station Call Letters: \" . $clean['callLetters'] . \"\\n\" .\r\n            \"Station Location: \" . $clean['location'] . \"\\n\" .\r\n            \"Station Manager: \" . $clean['manager'] . \"\\n\" .\r\n            \"Station Address: \" . $clean['address'] . \"\\n\" .\r\n            \" \" . $clean['city'] . \", \" . $clean['state'] . \" \" . $clean['zip'] . \"\\n\" .\r\n            \"NPR Affiliate: \" . $clean['npr'] . \"\\n\" .\r\n            \"Delivery Method: \" . $clean['method'] . \"\\n\" .\r\n            \"Station Cannot Sell Advertising Sponsorship: \" . $clean['agree'] . \"\\n\";\r\n        $headers = 'From: email@domain.abc' . \"\\r\\n\";\r\n        mail($to, $subject, $message, $headers);\r\n    }\r\n\r\n?><\/pre>\n","protected":false},"excerpt":{"rendered":"
<?php \/\/Initialize an empty array for storing filtered, escaped input $clean = array(); \/\/Wash Basic Input Fields function washnormal(){ \/\/Use the global $clean array global $clean; \/\/Loop through the fields passed to the function for ($i = 0; $i < func_num_args(); $i++){ $item = func_get_arg($i); \/\/Regular expression matching for lowercase letters, uppercase letters, digits, periods, […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[144],"tags":[6],"class_list":["post-3405","post","type-post","status-publish","format-standard","hentry","category-web-shots","tag-php"],"_links":{"self":[{"href":"https:\/\/webninjataylor.com\/library\/wp-json\/wp\/v2\/posts\/3405","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webninjataylor.com\/library\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webninjataylor.com\/library\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webninjataylor.com\/library\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webninjataylor.com\/library\/wp-json\/wp\/v2\/comments?post=3405"}],"version-history":[{"count":1,"href":"https:\/\/webninjataylor.com\/library\/wp-json\/wp\/v2\/posts\/3405\/revisions"}],"predecessor-version":[{"id":3406,"href":"https:\/\/webninjataylor.com\/library\/wp-json\/wp\/v2\/posts\/3405\/revisions\/3406"}],"wp:attachment":[{"href":"https:\/\/webninjataylor.com\/library\/wp-json\/wp\/v2\/media?parent=3405"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webninjataylor.com\/library\/wp-json\/wp\/v2\/categories?post=3405"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webninjataylor.com\/library\/wp-json\/wp\/v2\/tags?post=3405"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}