Purify Function to Prevent XSS

This is a purify function that sanitizes user-supplied strings to help prevent XSS attacks.

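function purify($input){
	$result = "";
	// Compare against "" rather than using empty(), which would also discard the string "0".
	if (isset($input) && $input !== "") {
		// Decode %XX sequences so encoded markup is visible to the steps below.
		$result = rawurldecode($input);
		// Remove HTML and PHP tags.
		$result = strip_tags($result);
		// Resolve C-style escapes such as \x3c.
		$result = stripcslashes($result);
		// Drop invalid UTF-8 before encoding: htmlspecialchars() returns "" for malformed input.
		$result = (string) iconv('utf-8','utf-8//IGNORE',$result);
		// Encode &, <, > and both quote types for HTML output.
		$result = htmlspecialchars($result, ENT_QUOTES, 'UTF-8');
	}
	return $result;
}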
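
The last step of purify() is HTML entity encoding, which covers HTML text and quoted attribute values but not URLs or inline script. The following is an added example, not code from the original post, that goes one step further and escapes per output context; the helper names esc_html, esc_js and esc_url are hypothetical and the sample values are constructed.

```php
<?php
declare(strict_types=1);

// HTML text and quoted attribute values: the same encoding purify() ends with.
function esc_html(string $s): string
{
    // ENT_SUBSTITUTE replaces invalid UTF-8 with U+FFFD instead of returning "".
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Value placed inside a <script> block: emit it as a JSON string literal.
function esc_js(string $s): string
{
    // JSON_HEX_* encode <, >, &, ' and " as \uXXXX so the value cannot
    // close the string or the surrounding script element.
    return json_encode(
        $s,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
            | JSON_INVALID_UTF8_SUBSTITUTE | JSON_THROW_ON_ERROR
    );
}

// href/src values: entity encoding does not neutralise a javascript: URL,
// so allow-list the scheme first. Relative URLs are rejected in this sketch.
function esc_url(string $url): string
{
    $url = trim($url);
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    return in_array($scheme, ['http', 'https'], true) ? esc_html($url) : '#';
}

// Constructed sample input.
$name = '<b>Ann</b> "O\'Neil"';
$good = 'https://example.com/profile?id=7&tab=info';
$bad  = 'javascript:alert(1)';

echo '<p>Hello, ' . esc_html($name) . "</p>\n";
echo '<a href="' . esc_url($good) . '">profile</a>' . "\n";
echo '<a href="' . esc_url($bad) . '">rejected link</a>' . "\n";
echo '<script>var userName = ' . esc_js($name) . ";</script>\n";
```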
