FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » is mysqli_real_escape_string bullet proof with binary data?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: is mysqli_real_escape_string bullet proof with binary data? [message #182321 is a reply to message #182320] Sun, 28 July 2013 13:35 Go to previous messageGo to previous message
J.O. Aho is currently offline  J.O. Aho
Messages: 194
Registered: September 2010
Karma:
Senior Member
On 28/07/13 14:54, Luuk wrote:

> I think i was using a prepared statement.
> And i wonder why i need to check if the contents of this png-file is
> really a png-file, or maybe a script. I'm not executing any code that
> MIGHT be stored in this file. I'm just storing the contents of that file
> in some blob.

If you worry that the image data includes something that may cause the
database do something else than just insert the image, then see to
base64 encode it first, this way you will not be affected by the
content, of course you make things a bit more "heavy" for the system as
you will need to decode the blob each time you want to use the image,
but then if you use some sort of cache then you can store the decoded
blob in the cache and use it as long as it residence there.


--

//Aho
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Major trouble with PhpDocumentor
Next Topic: Education Path to become a PHP developer using free online courses
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sun Nov 10 05:19:23 GMT 2024

Total time taken to generate the page: 0.04789 seconds