TalkPHP - View Single Post

Scottymeuk · 01-08-2009, 09:04 PM

You need to secure all of the $_POST and $_GET methods. An example is below (Please note that the mysql function I am using is the minimum you need to do. You should do a lot more and im sure if you search here you will find some tutorials on it. Search for xss protection or something):

PHP Code:


			
$theGet = mysql_real_escape_string($_GET['theGet']);

01-08-2009, 09:04 PM	#6 (permalink)
Scottymeuk The Contributor Join Date: Jan 2009 Posts: 40 Thanks: 10	You need to secure all of the $_POST and $_GET methods. An example is below (Please note that the mysql function I am using is the minimum you need to do. You should do a lot more and im sure if you search here you will find some tutorials on it. Search for xss protection or something): PHP Code: `$theGet = mysql_real_escape_string($_GET['theGet']);`