Sanitizing Strings for MySQL?

Account Login

Latest Articles

The basic usage of PHPTAL, a XML/XHTML template library for PHP

by awuehr on 11-10-2008 in Tips & Tricks

Vulnerable methods and the areas they are commonly trusted in.

by Village Idiot on 11-04-2008 in Classes & Objects

Simple way to protect a form from bot

by codefreek on 10-23-2008 in Basic

The Basics On: How Session Stealing Works

by wiifanatic on 09-12-2008 in Security & Permissions

How to keep your forms from double posting data

by drewbee on 07-03-2008 in Tips & Tricks

IRC Channel

Join the friendly bunch on IRC...
(#TalkPHP on Freenode)

...Also available via a web interface.

See this thread for information on the TalkPHP Free Hugs Initiative™. Subject to availability.

Associates

TalkPHP » Sanitizing Strings for MySQL?

LinkBack

Thread Tools

Search this Thread

Display Modes

10-17-2008, 05:52 PM	#1 (permalink)
Stealth The Wanderer Join Date: Jul 2008 Posts: 8 Thanks: 1	Sanitizing Strings for MySQL? Could you use addslashes and mysql_real_escape_string together to sanitize user input? Example: Code: <?php $q = addslashes(trim(mysql_real_escape_string($_POST['input']))); $insert = "INSERT INTO table1 (input) VALUES ('$q')") or die(mysql_error()); ?> Would it clean up the string to protect against SQL Injections? Thanks.

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Switch to Linear Mode Switch to Hybrid Mode Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts vB code is On Smilies are On [IMG] code is On HTML code is Off Trackbacks are On Pingbacks are On Refbacks are On

All times are GMT. The time now is 01:52 PM.