Can somebody share there clean classes with me. I have quite a few things i need validating, and right now it's just at mysql_real_escape_string, it needs to process html though. Thats the only drawback, thanks!
Results 1 to 10 of 15
Thread: SQL Injection Protection
-
SQL Injection Protection
How could this hapen to meeeeeeeeeeeeeee?
lol.
-
uhh, forget that apparently this wysiwyg editor is absolutely stupid, just use this:
http://pastebin.com/m2d7e3fd9Last edited by Jewish Bear; 09-03-2008 at 11:45 PM.
visit my internet web site on the internet
http://dong.engineer/
it is just videos by bill wurtz videos you have been warned
-
ty much
How could this hapen to meeeeeeeeeeeeeee?lol.
-
The link Dan posted will work just fine but could you not/wouldn't it be wise to use that in conjunction with some other string replace queries (eg. SELECT FROM, UPDATE, DELETE, etc.)?
-
Not really, with ''s out of the question any well formed SQL query wont have problems like that, I stopped removing stuff like that ages ago.
Originally Posted by Scriptz
visit my internet web site on the internet
http://dong.engineer/
it is just videos by bill wurtz videos you have been warned
-
Test the divs.
-
Who the heck are you? Oh Ivake, ok.
How could this hapen to meeeeeeeeeeeeeee?lol.
-
I have to agree, that was funny. Originally Posted by Insedated
Just addslashes?
-
what about mysql_real_escape_string and htmlentities and all that jazz.
How could this hapen to meeeeeeeeeeeeeee?lol.
-
You can use mysql_real_escape_string, but I advise against it.
htmlentities has nothing to do with HTML injection.. that changes ^&$&U^& and all those symbols to their HTML version.
Reply With Quote
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts