[XFlawless]

PHP код:

function sanitizeString($var){
$var = stripslashes($var);
$var = htmlentities($var);
$var = strip_tags($var);
return $var;
} 


Use this for escaping forms.

PHP код:

function sanitizeSQL($var){
$var = mysql_real_escape_string($var);
$var = sanitizeString($var);
return $var;
} 


Use this for escaping mysql string.

These codes are efficient and enhances security against SQL and XSS attacks.

If you want more security against passwords use this technique:

PHP код:


$Salt1 = "#$@#%#$!@$@#1234223233";
$Salt2 = "#*$(#@$&AJDSU#341224334";
$Hash = md5("$Salt1$password$Salt2");