> Anyone have a link or links to how to definitively make safe inserts to
> databases with form information?

It's a good idea to validate all data you're sticking in before you do.
For example, if you have a numeric field, you don't want the person to
be able to submit letters in that field.  So, always check that the data
is formatted the way you want it to be before sending it to the

I usually use preg_replace() to remove undesireable characters.

If you want text to go into a field and want people to be able to have 
quotes and other such items in there, then use addslashes().


               PHP classes that make web design easier
        SQL Solution  |   Layout Solution   |  Form Solution
    sqlsolution.info  | layoutsolution.info |  formsolution.info
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
 4015 7 Av #4AJ, Brooklyn NY     v: 718-854-0335     f: 718-854-0409

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to