On Fri, 2010-02-19 at 15:18 +0200, Dotan Cohen wrote:

> In order to prevent SQL injection, can one simply base64 encode the
> data and store that? Then it can be decoded when I need to display it
> on a website. I understand that this means that the data will not be
> searchable, and that I still must sanitize it before printing it on
> the site. Are there any other drawbacks or things to be aware of?
> Thanks.
> -- 
> Dotan Cohen
> http://what-is-what.com
> http://gibberish.co.il
> Please CC me if you want to be sure that I read your message. I do not
> read all list mail.

I assume this would work. I always use mysql_real_escape_string(),
although that would predetermine your choice of database. That would
allow your content to be searchable though.


Reply via email to