function clean_value($val) {
if ($val == "")
{
return "";
}
$val = trim($val);
$val = str_replace( " " , " " , $val );
$val = str_replace( "&" , "&" , $val );
$val = str_replace( "<!--" , "<!--" , $val );
$val = str_replace( "-->" , "-->" , $val );
$val = preg_replace( "/<script/i" , "<script" , $val );
$val = str_replace( ">" , ">" , $val );
$val = str_replace( "<" , "<" , $val );
$val = str_replace( "\"" , """ , $val );
$val = preg_replace( "/\|/" , "|" , $val );
$val = preg_replace( "/\n/" , "<br>" , $val ); // Convert literal newlines
$val = preg_replace( "/\\\$/" , "$" , $val );
$val = preg_replace( "/\r/" , "" , $val ); // Remove literal carriage returns
$val = str_replace( "!" , "!" , $val );
$val = str_replace( "'" , "'" , $val ); // IMPORTANT: It helps to increase sql query afety.
$val = stripslashes($val); // Swop PHP added backslashes
$val = preg_replace( "/\\\/" , "\" , $val ); // Swop user inputted backslashes
return $val;
}
if ($val == "")
{
return "";
}
$val = trim($val);
$val = str_replace( " " , " " , $val );
$val = str_replace( "&" , "&" , $val );
$val = str_replace( "<!--" , "<!--" , $val );
$val = str_replace( "-->" , "-->" , $val );
$val = preg_replace( "/<script/i" , "<script" , $val );
$val = str_replace( ">" , ">" , $val );
$val = str_replace( "<" , "<" , $val );
$val = str_replace( "\"" , """ , $val );
$val = preg_replace( "/\|/" , "|" , $val );
$val = preg_replace( "/\n/" , "<br>" , $val ); // Convert literal newlines
$val = preg_replace( "/\\\$/" , "$" , $val );
$val = preg_replace( "/\r/" , "" , $val ); // Remove literal carriage returns
$val = str_replace( "!" , "!" , $val );
$val = str_replace( "'" , "'" , $val ); // IMPORTANT: It helps to increase sql query afety.
$val = stripslashes($val); // Swop PHP added backslashes
$val = preg_replace( "/\\\/" , "\" , $val ); // Swop user inputted backslashes
return $val;
}
是PHP的函数吗?
能处理多少种字符?