Explanation of this SQL sanitization code

Posted by Derek on Stack Overflow See other posts from Stack Overflow or by Derek
Published on 2010-03-31T13:13:12Z Indexed on 2010/03/31 13:23 UTC
Read the original article Hit count: 401

Filed under:
|
|

I got this from for a login form tutorial:

function clean($str) {
        $str = @trim($str);
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    }

Could some one explain exactly what this does? I know that the 'clean' var is called up afterwards to sanitize the fields; I.e. $email = clean($_POST['email']);

© Stack Overflow or respective owner

Related posts about sql

Related posts about injection