On Jul 8, 2010, at 12:38 PM, David Mehler wrote:
> Hello,
> Got a form that takes in data to enter in to a database. I want to
> make it as secure and as invulnerable to sql injection and other
> attacks as possible. I'm wondering if mysqli_real_escape_string or
> stripslashes should be used or
Hello,
Got a form that takes in data to enter in to a database. I want to
make it as secure and as invulnerable to sql injection and other
attacks as possible. I'm wondering if mysqli_real_escape_string or
stripslashes should be used or if the former does the latter. For
example, I have a name vari
At 9:48 PM -0500 5/14/08, Chris W wrote:
I was wondering what others think of my approach to form validation.
I know many use Java script to do various validation. However,
since there is no way to be sure the data sent to the server is
actually valid, you have to check it in your php code on
I completely agree, server-side validation does always have to exist.
That said, I like providing feedback on the validity of a form before
the user leaves the page AND I hate duplicating the validation logic
in Javascript when it's already present in my PHP.
What I did in my PHP framework
On Wed, 2008-05-14 at 21:48 -0500, Chris W wrote:
> I was wondering what others think of my approach to form validation. I
> know many use Java script to do various validation. However, since
> there is no way to be sure the data sent to the server is actually
> valid, you have to check it in
On Wed, May 14, 2008 at 10:48 PM, Chris W <[EMAIL PROTECTED]> wrote:
> I was wondering what others think of my approach to form validation. I
> know many use Java script to do various validation. However, since there is
> no way to be sure the data sent to the server is actually valid, you have
client validation is a way to provide quick response to the user for
whether their input is correct or not. It doesn't guarantee
correctness of the posted data. Because everything from client can't
be trusted.
On 5/15/08, Chris W <[EMAIL PROTECTED]> wrote:
> I was wondering what others think of my
I was wondering what others think of my approach to form validation. I
know many use Java script to do various validation. However, since
there is no way to be sure the data sent to the server is actually
valid, you have to check it in your php code on the server anyway.
Granted you don't ha
8 matches
Mail list logo
