<?php
function cleanUserInput($userinput) {
// Open your database connection
$dbConnection = databaseConnect();
// check if input is empty
if (empty($userinput)) {
return;
} else {
// Strip any html characters
$userinput = htmlspecialchars($userinput);
// Clean input using the database
$userinput = mysqli_real_escape_string($dbConnection, $userinput);
}
// Return a cleaned string
return $userinput;
}
?>