I am using a javascript date picker that allows the user to select a date. However, I would like to also sanitize the posted date data before entering into the database. I am not seeing any sanitize filter here: http://us2.php.net/manual/en/filter.filters.sanitize.php
What would be the best method to sanitize a date before entering into a database?
This would be the original value from the post:
$datepick = $_POST['date'];
// wich is 04/12/2014
Then I convert it for the database:
$date = date("Y-m-d", strtotime($datepick));
Thanks!
If your date is like "03/02/2014" then you can simply clean your variable by regexp:
$date = preg_replace("([^0-9/])", "", $_POST['date']);
This allows only digits (0-9) and fwd slash (/).
Formatting the date sanitizes it, because:
- If the formatter succeeds, then it will only be a date, with syntax controlled by the format string.
- If it fails, then FALSE is returned.
This is true of:
DateTime::format
DateTimeImmutable::format
DateTimeInterface::format
date_format()
Date($format, $date_string)
This expression can be used to support both 12/12/2016 and 12-12-1993 formats.
filter_var (preg_replace("([^0-9/] | [^0-9-])","",htmlentities($input)));
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 该账号已被封号 的文章《Sanitizing a Date》','https://www.manongdao.com/article-684520.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}