I am thinking str_replace is my only option to filter outputs from my database to convert them to safe url variables.
I am working with a database with over 4million records, and apparently when the database was created no one though about database safety, or site safety or I don't think much in general.
Did you know?Explore Trending and Topic pages for more stories like this.
So that said in the database I have characters like & ' " etc.. stuff that most people will sanitize in one way shape form or another and store as such. I guess with this post I am trying to find out what are the most important characters such as above mentioned that I should attempt to filter out, or filter differently. I am also using some of these variables within URL's so its important that I can pass them through URL variables.
The urls are being phased in 2 ways one, your standard long url (ie: index.php?a=var&b=var&c=var) and then a more SEO friendly version /a/var/b/var/ in either event I cant have ' " & other in the URLs they just dont work. For other reasons I cant have them just output in the code. So what ever characters i need to filter out and what I should filter them out as that as, as in what would you suggest to phase them as? Anything that could break code, or not work in a URL I need to know.
Also if anyone knows a better way to do it than str_replace("&", "What to replace"); ill take advice there too :-)
