You are here: Re: PHP/MySQL injection « PHP Programming Language « IT news, forums, messages
Re: PHP/MySQL injection

Posted by Scott Auge on 07/26/05 07:01

In article <dc3t0g$fa9$1@news2.zwoll1.ov.home.nl>,
Willem-Jan <wjzeeuwen@home.nl> wrote:

> Hi all,
>
> Im a newbee in PHP and MySQL. Im wondering if there is a standard
> combination of functions u should use on variabels psoted by a form
> before u add them to a database. Something like:
>
> $var = trim(addslashes($_POST['test']));
>
> Thanx,
> WJ


This is what I use:

http://amduus.com/phpezine/archive/Issue2.pdf

http://amduus.com/phpezine/archive/issue2.zip

Feel free to use it. It also handles (hopefully) cross scripting (aka
someone taps some javascript into the field for the next sucker to run).

--
Available for Hire! http://amduus.com/Resumes/

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация