On Tuesday, 21 July 2015 at 17:23:30 UTC, ddos wrote:
How do i sanitize a string for database query?
You generally shouldn't even try, instead use the database
functions that bind parameters to the procedure.
Is there some builtin function?
It is different for each database target.
How do i sanitize a string for database query?
Is there some builtin function?
thx :)
On Tuesday, 21 July 2015 at 17:23:30 UTC, ddos wrote:
How do i sanitize a string for database query?
Is there some builtin function?
thx :)
Use prepared statements instead.
https://en.wikipedia.org/wiki/Prepared_statement
On Tuesday, 21 July 2015 at 18:55:53 UTC, ddos wrote:
On Tuesday, 21 July 2015 at 17:58:55 UTC, Gary Willoughby wrote:
On Tuesday, 21 July 2015 at 17:23:30 UTC, ddos wrote:
How do i sanitize a string for database query?
Is there some builtin function?
thx :)
Use prepared statements instead
thx
On Tuesday, 21 July 2015 at 17:58:55 UTC, Gary Willoughby wrote:
On Tuesday, 21 July 2015 at 17:23:30 UTC, ddos wrote:
How do i sanitize a string for database query?
Is there some builtin function?
thx :)
Use prepared statements instead.
https://en.wikipedia.org/wiki/Prepared_statement
On Tuesday, 21 July 2015 at 18:55:53 UTC, ddos wrote:
On Tuesday, 21 July 2015 at 17:58:55 UTC, Gary Willoughby wrote:
On Tuesday, 21 July 2015 at 17:23:30 UTC, ddos wrote:
How do i sanitize a string for database query?
Is there some builtin function?
thx :)
Use prepared statements instead