FUDforum: comp.lang.php » Data sanitation for mysql queries.

Home » Imported messages » comp.lang.php » Data sanitation for mysql queries.

Show: Today's Messages :: Polls :: Message Navigator

Re: Data sanitation for mysql queries. [message #179687 is a reply to message #179663]

Sun, 18 November 2012 01:47

Peter H. Coffin
Messages: 245
Registered: September 2010

Karma:

Senior Member

On Fri, 16 Nov 2012 11:36:18 -0800 (PST), cph wrote:

> I am not asking about validation that is a whole other topic. This is
> specifically about sanitation. The problem with real_escape_string is
> from what I have read its not good enough to prevent sql injections.

Where did you read that? It's better than add_slashes because it's
actually AWARE of the connection parameters, like what the actual escape
character is.

--
54. I will not strike a bargain with a demonic being then attempt to
double-cross it simply because I feel like being contrary.
--Peter Anspach's list of things to do as an Evil Overlord

Report message to a moderator

[Message index]

		Data sanitation for mysql queries. By: cph on Fri, 16 November 2012 18:10
		Re: Data sanitation for mysql queries. By: Daniel Pitts on Fri, 16 November 2012 18:49
		Re: Data sanitation for mysql queries. By: Jerry Stuckle on Fri, 16 November 2012 18:56
		Re: Data sanitation for mysql queries. By: cph on Fri, 16 November 2012 19:36
		Re: Data sanitation for mysql queries. By: Jerry Stuckle on Fri, 16 November 2012 21:46
		Re: Data sanitation for mysql queries. By: Peter H. Coffin on Sun, 18 November 2012 01:47

Previous Topic:	How to add dynamic textbox (row) and save to database using PHP
Next Topic:	Scrape dynamically generated hyperlinks

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Sat Nov 23 12:45:54 GMT 2024

Total time taken to generate the page: 0.04233 seconds