On Fri, Oct 17, 2003 at 09:38:12AM -0500, Jeremy Russell wrote: : : I was just sitting here thinking how to secure my php code and : thought I would run it by the pros. I don't know what the standard : practice is to secure against sql injection and malformed information : passed from forms. This probably has been done several times I just : would like to know if I should do it this way or if there is a better : way.
If you're using MySQL, you can use mysql_real_escape_string(). If you're using another database, hopefully there is a similar function. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
