Quote:
Originally Posted by End User
Mighty weird....I've not see this issue before so I'm not sure what to say. I took a quick look but didn't see anywhere that the sanitizer should do this, but maybe I missed something. Did you modify it at all, add anything, remove anything, etc?
|
I only added one modification to the script. I did it so I could remember how to use the script in case I ever forget.
php Code:
/////////////////////////////////////////////////////////////
// Example- allow numbers and letters up to 50 chars in the variable "$foo"
// $foo = sanitize(2, 50, $_POST['name']);
/////////////////////////////////////////////////////////////
I added that directly below the dtype explanations.
Quote:
Originally Posted by End User
There are a lot of 'x' chars used in the sanitizer matching items like 'x00' (the null character) and 'x20' (a space), but I can't think of any reason it would substitute just the 'x'.
Try commenting out the sanitizer lines and see if it passes the data normally. (Or comment out the preg_match() lines and see what happens.)
|
I commented out the sanitizer lines in my code and by doing so the script now prints and passes everything to the MySQL database correctly. I'm wondering if something got screwed up when I copied the sanitize script originally.
Quote:
Originally Posted by wirehopper
Check the number of backslashes in the related preg calls.
Sometimes, when code is posted here, backslashes get removed.
|
Everything there
looks OK. However, I'll go over the sanitizer script again just to double check it.