""Jacob Kruger"" schrieb im Newsbeitrag
news:000301ca15cf$b71e72c0$6401a...@spaceque1d2a04...
> Ok, now got this from w3schools.com:
>
> function check_input($value)
> {
> // Stripslashes
> if (get_magic_quotes_gpc())
> {
> $value = stripslashes($value);
> }
> // Quote if not a number
> if (!i
PM
To: php-windows@lists.php.net
Subject: [PHP-WIN] Relatively simple PHP function to block sql injection
Haven't gotten around to really looking for this too much, and currently
really only replace any single 's with double ones before performing an
insert into MySQL, but was just wondering
mysql_real_escape_string() / mysqli_real_escape_string()
Louis Solomon
www.SteelBytes.com
-Original Message-
From: Jacob Kruger [mailto:jac...@mailzone.co.za]
Sent: Wednesday, 5 August 2009 2:58 PM
To: php-windows@lists.php.net
Subject: [PHP-WIN] Relatively simple PHP function to block
> Haven't gotten around to really looking for this too much, and currently
> really only replace any single 's with double ones before performing an
> insert into MySQL, but was just wondering if there are any 'standard' PHP
> functions out there that get used to block any form of attempted sql
Haven't gotten around to really looking for this too much, and currently
really only replace any single 's with double ones before performing an
insert into MySQL, but was just wondering if there are any 'standard' PHP
functions out there that get used to block any form of attempted sql
injecti
