Looking for a way to protect/validate forms w/ about 200 textarea input fields and more

Hi,
I hope someone can shed some light on a custom program I created where a user enters their data into several forms w/ many many text area input fields, and when they click submit, it simply saves their work to a database.

I am new to this and have gotten everything to work. Now I just have to protect it from malicious activities.

I think I need to do two things from what I'm learning:
1. On all inputs I am using conditional_escape so that when user types in quotes, etc, it'll escape them so when they view their work that's displayed next time they go to the site, the quotes, etc. display correctly.

Is conditional_escape also a way to safe guard against sql injections or do I need to use

mysql_real_escape_string ??

2. I want the easiest way to protect the inputs I have including many text areas, a few text, and a few checkboxes.

I don't care about the max characters of input for text areas, I just want to make sure that they can't insert anything that will cause trouble. And if we can have a error message display BEFORE submitting, that would be best. What do I need to do? Any simple approaches out there? Again, I probably have a total of 200 text area inputs.

I am new to this so please keep this in mind :-)

Thanks for any/all help!

Carl

Topic Participants
carl
danheberden
sunilladde

Looking for a way to protect/validate forms w/ about 200 textarea input fields and more

Looking for a way to protect/validate forms w/ about 200 textarea input fields and more

Topic Participants

carl

danheberden

sunilladde