View Full Version : sql injection
01-20-2008, 07:35 PM
anybody have good function codes to prevent sql injection?
01-20-2008, 07:44 PM
You can use mysql_real_escape_string() to prevent SQL injection.
01-21-2008, 08:24 PM
You can also check user input against the ctype_ functions. This can prevent SQL injection as well because the input must ONLY contain what the ctype allows. But otherwise, just use mysql_real_escape_string().
Powered by vBulletin® Version 4.2.2 Copyright © 2016 vBulletin Solutions, Inc. All rights reserved.