FUDforum: comp.lang.php » is mysqli_real_escape_string bullet proof with binary data?

Home » Imported messages » comp.lang.php » is mysqli_real_escape_string bullet proof with binary data?

Show: Today's Messages :: Polls :: Message Navigator

Re: is mysqli_real_escape_string bullet proof with binary data? [message #182321 is a reply to message #182320]

Sun, 28 July 2013 13:35

J.O. Aho
Messages: 194
Registered: September 2010

Karma:

Senior Member

On 28/07/13 14:54, Luuk wrote:

> I think i was using a prepared statement.
> And i wonder why i need to check if the contents of this png-file is
> really a png-file, or maybe a script. I'm not executing any code that
> MIGHT be stored in this file. I'm just storing the contents of that file
> in some blob.

If you worry that the image data includes something that may cause the
database do something else than just insert the image, then see to
base64 encode it first, this way you will not be affected by the
content, of course you make things a bit more "heavy" for the system as
you will need to decode the blob each time you want to use the image,
but then if you use some sort of cache then you can store the decoded
blob in the cache and use it as long as it residence there.

--

//Aho

Report message to a moderator

[Message index]

		is mysqli_real_escape_string bullet proof with binary data? By: The Natural Philosoph on Sat, 27 July 2013 09:31
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Sat, 27 July 2013 09:45
		Re: is mysqli_real_escape_string bullet proof with binary data? By: The Natural Philosoph on Sat, 27 July 2013 11:08
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Sat, 27 July 2013 13:28
		Re: is mysqli_real_escape_string bullet proof with binary data? By: The Natural Philosoph on Sat, 27 July 2013 14:36
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Sat, 27 July 2013 15:22
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Sat, 27 July 2013 15:34
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sat, 27 July 2013 23:44
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Sun, 28 July 2013 12:54
		Re: is mysqli_real_escape_string bullet proof with binary data? By: J.O. Aho on Sun, 28 July 2013 13:35
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sun, 28 July 2013 13:39
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Sun, 28 July 2013 15:25
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sun, 28 July 2013 19:05
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Sun, 28 July 2013 19:16
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Mon, 29 July 2013 00:46
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Daniel Pitts on Mon, 29 July 2013 16:17
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Mon, 29 July 2013 18:01
		Re: is mysqli_real_escape_string bullet proof with binary data? By: The Natural Philosoph on Mon, 29 July 2013 23:04
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Tue, 30 July 2013 01:02
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Mon, 29 July 2013 18:34
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sat, 27 July 2013 13:52
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Sat, 27 July 2013 13:58
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sat, 27 July 2013 14:36
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sat, 27 July 2013 14:43
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Pierre Jaury on Sat, 27 July 2013 18:10
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sat, 27 July 2013 23:52
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Denis McMahon on Sat, 27 July 2013 18:38
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Pierre Jaury on Sat, 27 July 2013 20:25
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Sat, 27 July 2013 20:59
		Re: is mysqli_real_escape_string bullet proof with binary data? By: The Natural Philosoph on Sat, 27 July 2013 23:50
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Sun, 28 July 2013 15:44
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Pierre Jaury on Sun, 28 July 2013 16:01
		Re: is mysqli_real_escape_string bullet proof with binary data? By: The Natural Philosoph on Sun, 28 July 2013 16:43
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Sun, 28 July 2013 18:31
		Re: is mysqli_real_escape_string bullet proof with binary data? By: The Natural Philosoph on Sun, 28 July 2013 16:39
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Pierre Jaury on Sun, 28 July 2013 17:56
		Re: is mysqli_real_escape_string bullet proof with binary data? By: The Natural Philosoph on Sun, 28 July 2013 18:14
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sun, 28 July 2013 19:10
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Norman Peelman on Mon, 29 July 2013 01:13
		Re: is mysqli_real_escape_string bullet proof with binary data? By: The Natural Philosoph on Sat, 27 July 2013 23:46
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sat, 27 July 2013 23:56
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Pierre Jaury on Sun, 28 July 2013 01:55
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sun, 28 July 2013 02:11
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sat, 27 July 2013 23:58
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Norman Peelman on Sat, 27 July 2013 13:35
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sat, 27 July 2013 13:56
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Norman Peelman on Sun, 28 July 2013 00:01
		Re: is mysqli_real_escape_string bullet proof with binary data? By: The Natural Philosoph on Sat, 27 July 2013 14:33
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Sat, 27 July 2013 13:57
		I've always used GD, but never been 100% happy with it (Was: is mysqli_real_escape_string bullet proof with binary data?) By: J.O. Aho on Sat, 27 July 2013 16:09
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Luuk on Mon, 29 July 2013 18:37
		Re: is mysqli_real_escape_string bullet proof with binary data? By: J.O. Aho on Tue, 30 July 2013 05:31
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Tue, 30 July 2013 06:08
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Scott Johnson on Tue, 30 July 2013 12:35
		Re: is mysqli_real_escape_string bullet proof with binary data? By: J.O. Aho on Tue, 30 July 2013 15:53
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Jerry Stuckle on Tue, 30 July 2013 16:37
		Re: is mysqli_real_escape_string bullet proof with binary data? By: tony on Tue, 30 July 2013 09:35
		Re: is mysqli_real_escape_string bullet proof with binary data? By: Denis McMahon on Wed, 31 July 2013 04:56

Previous Topic:	Major trouble with PhpDocumentor
Next Topic:	Education Path to become a PHP developer using free online courses

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Mon Nov 25 03:33:34 GMT 2024

Total time taken to generate the page: 0.05100 seconds