TalkPHP
 
 
12-21-2008, 07:40 PM   #1
ETbyrne
Is This Good Enough?

I have the following function for cleaning data for use with MySQL and I just wanted to make sure it was sufficient before I used it in a production environment.

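PHP Code:
function clean($data)
{
    // Undo the slashes added by magic_quotes_gpc so the data is not escaped twice
    if (ini_get('magic_quotes_gpc'))
    {
        $data = stripslashes($data);
    }

    // Escape for use inside a quoted MySQL string literal (requires an open mysql connection)
    return mysql_real_escape_string($data);
}
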
Thanks!
__________________
Dingo Web Systems > http://www.dingocode.com
My Website > http://www.evanbot.com
12-24-2008, 05:54 PM   #2
xenon

I'd go with PDO, since data escaping is done automatically for you. Also, the mysqli class does that as well, but I might be wrong here.
__________________
I have optimistic thoughts, even though sometimes (if not always) life's a bitch.
12-24-2008, 06:35 PM   #3
Mathew

You're right, Xenon, mysqli escapes queries automatically.
12-25-2008, 10:02 AM   #4
xenon

Plus, that way you have the advantage of parameter binding, which offers you (also automatically) query caching. But, if you want to do that by hand, you'd want to run the data through addslashes and not stripslashes (although that is also done for you by the mysql_real_escape_string as far as I'm aware).
__________________
I have optimistic thoughts, even though sometimes (if not always) life's a bitch.
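
The parameter binding suggested in the replies above, as an added example that is not part of the original thread: values are bound to placeholders with PDO instead of being escaped by hand. It assumes an in-memory SQLite database as a stand-in for MySQL so it runs offline; the table and the sample inputs are constructed for illustration.

```php
<?php
// Added example (not from the thread): PDO prepared statements with bound parameters.
// Assumption: SQLite in memory stands in for MySQL; with MySQL only the DSN and
// credentials passed to the PDO constructor change.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed table for the demonstration.
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');

// Constructed sample inputs containing quote, comment and backslash characters.
$inputs = ["O'Brien", 'a"); -- b', 'back\\slash'];

// The SQL text is fixed. Values travel separately from it and are never parsed
// as SQL, so no clean()/stripslashes()/escape step is applied to them.
$insert = $pdo->prepare('INSERT INTO users (name) VALUES (:name)');
foreach ($inputs as $name) {
    $insert->execute([':name' => $name]);
}

// Numeric context: bind with an explicit type instead of concatenating.
// String escaping alone does not protect an unquoted value such as
// "WHERE id = $id", because there is no surrounding quote to break out of.
$select = $pdo->prepare('SELECT name FROM users WHERE id = :id');
$select->bindValue(':id', 1, PDO::PARAM_INT);
$select->execute();

// The first input is stored and read back byte for byte.
var_dump($select->fetchColumn() === $inputs[0]);

// Exactly one row per input exists; the metacharacters were treated as data.
$count = (int) $pdo->query('SELECT COUNT(*) FROM users')->fetchColumn();
var_dump($count === count($inputs));
```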