Yahoo Answers is shutting down on May 4th, 2021 (Eastern Time) and beginning April 20th, 2021 (Eastern Time) the Yahoo Answers website will be in read-only mode. There will be no changes to other Yahoo properties or services, or your Yahoo account. You can find more information about the Yahoo Answers shutdown and how to download your data on this help page.

Trending News

Knoxville police work the scene of a shooting at Austin-East Magnet High School. (AP)

Student who fired at officers at Tenn. school killed

Social media has new hero in bowler 'the Ginger Assassin'

Kim Kardashian and Kanye West. (Getty Images)

Kanye West requests joint custody of children

A pastor's son becomes a critic of religion on TikTok

NBA coaches speak out after Daunte Wright shooting

Rep. Matt Gaetz at the Conservative Political Action Conference in Orlando, Fla. (The New York Times)

'Tiger King got elected tax collector': Inside Gaetz case

Protests erupted in Brooklyn Center, Minn., after police fatally shot Daunte Wright during a traffic stop. (Reuters)

NFL players react to police shooting of Daunte Wright

Porizkova, 56, on dating: 'I'm there to be pleased'

Parent and child illustration. (The New York Times)

How to spot depression in young children

Defense Undersecretary for Policy Christine Wormuth testifies on Capitol Hill. (Gabriella Demczuk/Getty Images)

Biden nominates 1st woman to be Army secretary

Fox News backs Carlson after ADL urges his firing

More trending news?Visit Yahoo Home

Promoted

Nik

Lv 7

Nik asked in Computers & Internet Programming & Design · 6 years ago

Safest way to validate a textarea with PHP?

Its not like a normal input in the description I would want to safely allow commas, apostrophes and more that are also database friendly. I've already got the preg_match working to safely validate other inputs but with a description input I would want it to allow more of these grammatical signs but to do so safely.

How do you go about amending the preg_match function?

Thanks

2 Answers

Relevance

Jeff P
Lv 7
6 years ago
Just use PHP's filter_var() function with the FILTER_SANITIZE_SPECIAL_CHARS filter. Don't mess with preg_match()--filter_var() is all you need, and this is what it is designed for.
Source(s): http://www.w3schools.com/php/filter_sanitize_speci...
?
Lv 6
6 years ago
wrap it in mysqli_escape_string... like mysqli_escape_string($textarea_content); ... or look up prepared statements (PDO). Which is a much better and safer way to insert data in to a database and automatically escapes your data.

Still have questions? Get your answers by asking now.