Yo tengo armada esta función, que me ha servido mucho en materia de seguridad para filtrar el texto que ingreso a la base de datos, espero te sirva como para tenerla archivada por ahí.
Es bastante rudimentaria pero me ha funcionado siempre...
Saludos.
Código PHP:
<?php
function limpiador($texto){
$cod[]='#';
$cod[]='&';
$cod[]='!';
$cod[]=''';
$cod[]='$';
$cod[]='%';
$cod[]='(';
$cod[]=')';
$cod[]='*';
$cod[]='+';
$cod[]=',';
$cod[]='-';
$cod[]='.';
$cod[]='/';
$cod[]=':';
$cod[]='<';
$cod[]='=';
$cod[]='>';
$cod[]='?';
$cod[]='@';
$cod[]='[';
$cod[]='';
$cod[]=']';
$cod[]='^';
$cod[]='_';
$cod[]='`';
$cod[]='{';
$cod[]='|';
$cod[]='}';
$cod[]='~';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='*';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='';
$cod[]='Œ';
$cod[]='œ';
$cod[]='Š';
$cod[]='š';
$cod[]='Ÿ';
$cod[]='ƒ';
$cod[]='–';
$cod[]='—';
$cod[]='‘';
$cod[]='’';
$cod[]='‚';
$cod[]='“';
$cod[]='”';
$cod[]='„';
$cod[]='†';
$cod[]='‡';
$cod[]='•';
$cod[]='…';
$cod[]='‰';
$cod[]='€';
$cod[]='™';
$cod[]='<strong>';
$cod[]='</strong>';
$cod[]='<em>';
$cod[]='</em>';
$cod[]='<br />';
$cod[]='"';
$cod[]='"';
$cod[]='"';
$caracter[]='#';
$caracter[]='&';
$caracter[]='!';
$caracter[]="'";
$caracter[]='$';
$caracter[]='%';
$caracter[]='(';
$caracter[]=')';
$caracter[]='*';
$caracter[]='+';
$caracter[]=',';
$caracter[]='-';
$caracter[]='.';
$caracter[]='/';
$caracter[]=':';
$caracter[]='<';
$caracter[]='=';
$caracter[]='>';
$caracter[]='?';
$caracter[]='@';
$caracter[]='[';
$caracter[]='\\';
$caracter[]=']';
$caracter[]='^';
$caracter[]='_';
$caracter[]='`';
$caracter[]='{';
$caracter[]='|';
$caracter[]='}';
$caracter[]='~';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='*';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='';
$caracter[]='Œ';
$caracter[]='œ';
$caracter[]='Š';
$caracter[]='š';
$caracter[]='Ÿ';
$caracter[]='ƒ';
$caracter[]='–';
$caracter[]='—';
$caracter[]='‘';
$caracter[]='’';
$caracter[]='';
$caracter[]='“';
$caracter[]='”';
$caracter[]='„';
$caracter[]='†';
$caracter[]='‡';
$caracter[]='•';
$caracter[]='…';
$caracter[]='‰';
$caracter[]='€';
$caracter[]='™';
$caracter[]='ennegrita';
$caracter[]='finnegrita';
$caracter[]='encursiva';
$caracter[]='fincursiva';
$caracter[]="\n";
$caracter[]="“";
$caracter[]="”";
$caracter[]='"';
$numero=0;
while($numero <= 154) {
//explora el array de caracteres uno por uno desde el valor [0] hasta el valor final 128 caracteres
$texto=str_replace ($caracter[$numero], $cod[$numero], $texto);
$numero=$numero+1;
}
$textofinal=$texto;
return $textofinal;
}
?>