Re: [PHP] preventing sql injections

2002-12-18 Thread Bogdan Stancescu
Thy words are wise, milord. Bogdan John W. Holmes wrote: Also, please note that if you're using MySQL you don't have to bother at all security-wise - MySQL won't accept more than one query per mysql_query(). You do have to bother about regular errors though - if $f_namn or $email contain quo

RE: [PHP] preventing sql injections

2002-12-18 Thread John W. Holmes
> Also, please note that if you're using MySQL you don't have to bother at > all security-wise - MySQL won't accept more than one query per > mysql_query(). You do have to bother about regular errors though - if > $f_namn or $email contain quotes (which $email might well contain) then > you're goin

Re: [PHP] preventing sql injections

2002-12-18 Thread Bogdan Stancescu
Also, please note that if you're using MySQL you don't have to bother at all security-wise - MySQL won't accept more than one query per mysql_query(). You do have to bother about regular errors though - if $f_namn or $email contain quotes (which $email might well contain) then you're going to e

Re: [PHP] preventing sql injections

2002-12-18 Thread 1LT John W. Holmes
> >addslashes should be enough and put quotes around your strings in the sql > > Meaning that a query like this one is safe, as long as I first have > $e_namn = addslashes($e_namn);? > > $query = "INSERT INTO addr (last_name, first_name, email) > VALUES(\"$e_namn\",\"$f_namn\",\"$email\")"; Yea

Re: [PHP] preventing sql injections

2002-12-18 Thread Anders Thoresson
addslashes should be enough and put quotes around your strings in the sql Meaning that a query like this one is safe, as long as I first have $e_namn = addslashes($e_namn);? $query = "INSERT INTO addr (last_name, first_name, email) VALUES(\"$e_namn\",\"$f_namn\",\"$email\")"; -- PHP Gene

Re: [PHP] preventing sql injections

2002-12-18 Thread Wico de Leeuw
addslashes should be enough and put quotes around your strings in the sql At 14:58 18-12-02 +0100, Anders Thoresson wrote: Would this function do the trick? // validate.php - functions that validate form input function validate_string($unsafe_string) { // create array containing b

Re: [PHP] preventing sql injections

2002-12-18 Thread 1LT John W. Holmes
Why would you do all this? Just use addslashes() and let them send all the crap they want. All it will do is cause your query to return zero results, which you should be handling already. If you're ever including a variable in an SQL query that's not enclosed in quotes, then make darn sure you've
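The thread above turns on three points: Anders's INSERT with addslashes() and double-quoted values, the advice that addslashes() is enough as long as every value is quoted, and John's closing warning about variables that are not enclosed in quotes. The following PHP is an added example written for this page, not code posted by any participant. It builds the query strings from the thread so the effect of each case can be seen, and shows the same INSERT as a PDO prepared statement. Assumptions: PHP 7 or later on the CLI with the PDO extension; the table name, column names and sample values come from Anders's query; the MySQL DSN, user and password are placeholders read from environment variables, and the prepared-statement part only runs when MYSQL_DSN is set.

```php
<?php
// Added example (not from the original thread). Three cases:
//   (1) the thread's pattern: addslashes() + double-quoted values,
//   (2) why addslashes() does nothing for a value that is not quoted,
//   (3) the same INSERT as a prepared statement.
// Assumptions: PHP >= 7 CLI with PDO; MYSQL_DSN/MYSQL_USER/MYSQL_PASSWORD are
// placeholders and case (3) only runs when MYSQL_DSN is set.

declare(strict_types=1);

// (1) Anders's query: addslashes() on every value, each value double-quoted
// in the SQL text. addslashes() escapes ' " \ and NUL, so a quote inside a
// value cannot terminate the string literal.
function insert_addr_sql_addslashes(string $e_namn, string $f_namn, string $email): string
{
    $e_namn = addslashes($e_namn);
    $f_namn = addslashes($f_namn);
    $email  = addslashes($email);
    return "INSERT INTO addr (last_name, first_name, email) "
         . "VALUES(\"$e_namn\",\"$f_namn\",\"$email\")";
}

// (2) The case John warns about: a variable that is not enclosed in quotes.
// addslashes() only touches ' " \ and NUL, so a payload without any of them
// is interpolated unchanged. (Hypothetical query added for illustration.)
function select_addr_sql_unquoted(string $id): string
{
    $id = addslashes($id);
    return "SELECT * FROM addr WHERE id = $id";
}

// Fix for (2) without prepared statements: force the type before
// interpolating, so only an integer can ever reach the SQL text.
function select_addr_sql_cast(string $id): string
{
    return "SELECT * FROM addr WHERE id = " . (int) $id;
}

// (3) Prepared statement: values are sent separately from the SQL text, so
// the application never quotes or escapes anything itself.
function insert_addr_prepared(PDO $pdo, string $e_namn, string $f_namn, string $email): int
{
    $stmt = $pdo->prepare(
        'INSERT INTO addr (last_name, first_name, email) VALUES (?, ?, ?)'
    );
    $stmt->execute([$e_namn, $f_namn, $email]);
    return $stmt->rowCount();
}

// Constructed sample input: an address with an apostrophe in the local part
// (legal in an e-mail address, which is exactly the case Bogdan raises) and
// a numeric payload containing no quotes at all.
$email = 'o\'brien@example.com';
echo insert_addr_sql_addslashes('Thoresson', 'Anders', $email), PHP_EOL;
// The apostrophe arrives as \' inside the double-quoted literal: still one INSERT.

echo select_addr_sql_unquoted('1 OR 1=1'), PHP_EOL;
// addslashes() changed nothing: the WHERE clause now matches every row.

echo select_addr_sql_cast('1 OR 1=1'), PHP_EOL;
// The (int) cast reduces the value to 1.

if ($dsn = getenv('MYSQL_DSN')) {   // e.g. mysql:host=localhost;dbname=test (assumed)
    $pdo = new PDO(
        $dsn,
        getenv('MYSQL_USER') ?: 'root',
        getenv('MYSQL_PASSWORD') ?: '',
        [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
         PDO::ATTR_EMULATE_PREPARES => false]
    );
    echo insert_addr_prepared($pdo, 'Thoresson', 'Anders', $email), ' row inserted', PHP_EOL;
}
```

Run it with `php example.php` to see the three generated statements; set MYSQL_DSN (and MYSQL_USER, MYSQL_PASSWORD) to also execute the prepared INSERT against a MySQL server that has the addr table. Two caveats worth keeping in mind when reading the thread: addslashes() knows nothing about the connection's character set, which is why the MySQL extension later shipped mysql_real_escape_string() and why prepared statements are the usual answer today; and "MySQL won't accept more than one query per mysql_query()" only rules out stacked statements, not the `OR 1=1` style of manipulation shown in case (2), which works inside a single statement.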