07-09-2012, 04:32 PM
The Wanderer
Join Date: May 2012
Posts: 6
Thanks: 2
Quote:
Originally Posted by tony
You need to escape the special characters. If you don't sanitize your user input, you are vulnerable to SQL injections and other attacks.

Yes, I went on a stroll around the net to see what I could find out and found that I need such a thing:
$dtl = str_replace("'","\'",$dtl);
//now process
Nevertheless, is there anything else that I should be aware of that could also cause such a thing?
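The quote-only replacement from the post next to a parameterized insert, as an added example that is not part of the original thread. The helper name `escape_quotes_only`, the table `details`, the sample strings and the use of PDO with an in-memory SQLite database are assumptions made for illustration; the backslash remark in the comments refers to MySQL's default string escaping.

```php
<?php
// Added example, not code from the thread. All names and inputs are constructed.

// The approach from the post: only the single quote is handled.
function escape_quotes_only(string $s): string
{
    return str_replace("'", "\\'", $s);
}

// Constructed sample inputs.
$samples = [
    "O'Brien",      // a lone quote, the case the replacement was written for
    "C:\\temp\\'",  // a backslash sits directly in front of the quote
];

foreach ($samples as $dtl) {
    // In the second sample the input's own backslash pairs with the added one,
    // so under MySQL's default escaping the quote is no longer escaped.
    // Other special characters (NUL, newline, double quote) are not handled at all.
    printf("%-12s -> %s\n", $dtl, escape_quotes_only($dtl));
}

// Hardened form: the value never becomes part of the SQL text.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE details (id INTEGER PRIMARY KEY, dtl TEXT)');

// The statement is prepared once with a placeholder; the driver binds the data.
$insert = $pdo->prepare('INSERT INTO details (dtl) VALUES (:dtl)');
foreach ($samples as $dtl) {
    $insert->execute([':dtl' => $dtl]);
}

// Read the rows back and compare them with the untouched originals.
$stored = $pdo->query('SELECT dtl FROM details ORDER BY id')
              ->fetchAll(PDO::FETCH_COLUMN);
var_dump($stored === $samples);
```

With a bound parameter no escaping function is needed for the SQL layer; escaping for HTML output is a separate step done at display time.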