我正在尝试一种简便的方法来清除表单中的所有输入数据。这段代码有意义吗?而且安全吗?
public function filter( $data )
{
if( !is_array( $data ) )
{
$data = trim($data);
$data = mysqli_real_escape_string( $this->link, $data );
}
else
{
//Self call function to sanitize array data
$data = array_map( array( 'DB', 'filter' ), $data );
}
return $data;
}
$_POST = $database->filter($_POST);
//will all post variables now be safely escaped?