Hello list, I was just sitting here thinking how to secure my php code and thought I would run it by the pros. I don't know what the standard practice is to secure against sql injection and malformed information passed from forms. This probably has been done several times I just would like to know if I should do it this way or if there is a better way.
What I though to do is create a function that simply went through a variable and removed the quotes. Something that could be used when pulling the variables from the form right of the bat. i.e. $form_var = secure($_POST['var']; after that just do everything else as normal. So I just really looking for advice on securing my web app. BTW: any body heard of or use Cisco's VMPS? Jeremy Russell Network Administrator, CNI 580.235.2377 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php