Re: [PHP] Secure data management

2011-10-04 Thread Stuart Dallas
On 4 Oct 2011, at 20:44, Jim Giner wrote:
> "Stuart Dallas" wrote in message
> news:da8b3499-4d11-4053-9834-68b34d030...@3ft9.com...
> 1. Why are you using addslashes?
>
> 2. MySQL will strip one level of backslashes.
> *
>
>
> I thought you were supposed to do an addslashes to protec

Re: [PHP] Secure data management

2011-10-04 Thread Jeremiah Dodds
On Tue, Oct 4, 2011 at 2:44 PM, Jim Giner wrote:
>
> I thought you were supposed to do an addslashes to protect your appl from
> malicious d/e.
>
To protect your app from malicious stuff going to SQL queries, you should be using prepared statements, see http://php.net/manual/en/pdo.prepared-stat

Re: [PHP] Secure data management

2011-10-04 Thread Jim Giner
"Stuart Dallas" wrote in message news:da8b3499-4d11-4053-9834-68b34d030...@3ft9.com...
1. Why are you using addslashes?
2. MySQL will strip one level of backslashes.
*
I thought you were supposed to do an addslashes to protect your appl from malicious d/e. Did not know that mysql dr

Re: [PHP] Secure data management

2011-10-04 Thread Stuart Dallas
On 4 Oct 2011, at 20:23, Jim Giner wrote:
> I thought I knew how to do this.
>
> I have a form that collects some data fields. My script checks if magic
> quotes are off and (since they are) executes "addslashes" on each input
> field. Then I run a query to INSERT these 'slashed' vars into th

[PHP] Secure data management

2011-10-04 Thread Jim Giner
I thought I knew how to do this. I have a form that collects some data fields. My script checks if magic quotes are off and (since they are) executes "addslashes" on each input field. Then I run a query to INSERT these 'slashed' vars into the database. But when I go to phpadmin on my site the