The holy grail of cleaning input and output in php?

javascript mysql json php

I've been running and developed a classified site now for the last 8 months and all the bugs were due to only one reason: how the users input their text...

My question is: Is there a php class, a plugin, something that I can do

$str = UltimateClean($str) before sending $str to my sql??

PS. I also noticed the problems doubled when i started using JSON, because I also have to be careful outputting the result in JSON..

Some issues I faced: multi-language strings (different charsets), copy-paste from Excel sheets.
Note: I am not worried for SQL Injections.


No, there isn't.

Different modes of escaping are for different purposes. You cannot universally escape something.

For Databases: Use PDO with prepared queries

For HTML: Use htmlspecialchars()

For JSON: json_encode() handles this for you

For character sets: You should be using UTF-8 on your page. Do this, and set your databases accordingly, and watch those issues disappear.

Related

How to implement multiple searching in jqGrid
FORFILES date -after- (date calc in cmd file)
Non-blocking worker - interrupt file copy
Implementing condition in XPath [duplicate]
Setting up the jQuery Mobile script
Delphi: Access Violation at the end of Create() constructor
Assigning parsers to auto variables
How to fix a opacity bug with DrawToBitmap on WebBrowser Control?
How to change the HTML content as it's loading on the page
How do you import a font?
Using date in a check constraint, Oracle
Syntax error in shell script with process substitution