Posted by R. Rajesh Jeba Anbiah on 01/19/08 17:51
On Jan 18, 9:05 pm, Sebastian Lisken <Sebastian.Lis...@Uni-Bielefeld-
deletethis.de> wrote:
> Thanks a lot for your response. I have a few questions/remarks ...
>
> R. Rajesh Jeba Anbiah <ng4rrjanb...@rediffmail.com> wrote:
>
> > 1. mysql_real_escape_string() is again broken. Use prepare statements
>
> That sounds like something I should look into. Could you explain or
> point to some source on the web? I'd want to know in what sense it is
> broken, and although I glanced over PREPARE in the MySQL manual I can't
> yet see how that would resolve things. PREPARE seems to be SQL (unless
> you are referring to http://www.php.net/pdo-prepare) so I would still
> be wondering how to get my string from PHP over to SQL.
See http://ilia.ws/archives/103-mysql_real_escape_string-versus-Prepared-Statements.html
<snip>
--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/
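
The question quoted above asks how a PHP string reaches SQL when prepared statements are used. The following is an added example, not part of the original post or the linked article. It assumes PDO with an in-memory SQLite database standing in for MySQL so that it runs offline; the `users` table, its rows and the `findByName` helper are constructed for illustration.

```php
<?php
// Added example: in-memory SQLite stands in for MySQL; all data is constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Assumption for a real MySQL connection: also disable
// PDO::ATTR_EMULATE_PREPARES so the server does the binding.

$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO users (name) VALUES ('alice')");
$pdo->exec("INSERT INTO users (name) VALUES ('bob')");

// Old style, shown for contrast only: the escaped string is spliced into
// the SQL text, so safety depends on escaping matching the connection charset.
//   $sql = "SELECT id FROM users WHERE name = '" . mysql_real_escape_string($name) . "'";

function findByName(PDO $pdo, string $name): array
{
    // The SQL text is fixed; the ? only marks where a value belongs.
    $stmt = $pdo->prepare('SELECT id, name FROM users WHERE name = ?');
    // The PHP string travels as a bound parameter, separate from the SQL
    // text, so quote characters in it are data and cannot alter the query.
    $stmt->execute([$name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// A normal lookup and a value containing quote characters.
$normal  = findByName($pdo, 'alice');
$quoted  = findByName($pdo, "x' OR '1'='1");

printf("rows for normal name: %d\n", count($normal));
printf("rows for quoted value: %d\n", count($quoted));
```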