Hello,
Got a form that takes in data to enter in to a database. I want to
make it as secure and as invulnerable to sql injection and other
attacks as possible. I'm wondering if mysqli_real_escape_string or
stripslashes should be used or if the former does the latter. For
example, I have a name
On Jul 8, 2010, at 12:38 PM, David Mehler dave.meh...@gmail.com wrote:
Hello,
Got a form that takes in data to enter in to a database. I want to
make it as secure and as invulnerable to sql injection and other
attacks as possible. I'm wondering if mysqli_real_escape_string or
stripslashes
I completely agree, server-side validation does always have to exist.
That said, I like providing feedback on the validity of a form before
the user leaves the page AND I hate duplicating the validation logic
in Javascript when it's already present in my PHP.
What I did in my PHP
At 9:48 PM -0500 5/14/08, Chris W wrote:
I was wondering what others think of my approach to form validation.
I know many use Java script to do various validation. However,
since there is no way to be sure the data sent to the server is
actually valid, you have to check it in your php code on
I was wondering what others think of my approach to form validation. I
know many use Java script to do various validation. However, since
there is no way to be sure the data sent to the server is actually
valid, you have to check it in your php code on the server anyway.
Granted you don't
client validation is a way to provide quick response to the user for
whether their input is correct or not. It doesn't guarantee
correctness of the posted data. Because everything from client can't
be trusted.
On 5/15/08, Chris W [EMAIL PROTECTED] wrote:
I was wondering what others think of my
On Wed, May 14, 2008 at 10:48 PM, Chris W [EMAIL PROTECTED] wrote:
I was wondering what others think of my approach to form validation. I
know many use Java script to do various validation. However, since there is
no way to be sure the data sent to the server is actually valid, you have to
On Wed, 2008-05-14 at 21:48 -0500, Chris W wrote:
I was wondering what others think of my approach to form validation. I
know many use Java script to do various validation. However, since
there is no way to be sure the data sent to the server is actually
valid, you have to check it in
8 matches
Mail list logo
