FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Sanitizing user input
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Sanitizing user input [message #169724] Fri, 24 September 2010 05:42 Go to previous message
MikeB is currently offline  MikeB
Messages: 65
Registered: September 2010
Karma:
Member
I'm reading that it is a "good idea" to sanitize all data returned in a
HTML form. The book recommends using the mysql_real_escape_string()
function as well as stripslashes() and for some data it also recommends
using htmlentities().

Question now is that the mysql function is only available if I'm
connected to a mysql database.

Is the mysql sanitizing only necessary for data fields that are going to
be used against the database? Or is there a similar function to
sanitize user data that may not be used as part of the sql data?
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: how to write a wsdl for php webservice?
Next Topic: ANNOUNCE - NHI1 / PLMK / libmsgque - Work-Package-II
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Wed Nov 27 06:10:34 GMT 2024

Total time taken to generate the page: 0.05032 seconds