Re: Change value in result — PHP Programming Language

You are here: Re: Change value in result « PHP Programming Language « IT news, forums, messages

Posted by ByteCoder on 09/28/72 11:37

Oli Filth <catch@olifilth.co.uk> wrote in
news:ezMyf.892$mf2.515@newsfe6-win.ntli.net:

> ByteCoder said the following on 16/01/2006 12:11:
>> Oli Filth <catch@olifilth.co.uk> wrote in
>> news:%BLyf.35809$W4.22578@newsfe4-gui.ntli.net:
>>
>>> Incidentally, why are you storing stuff in your databases in a way
>>> that requires stripslashes() to be called? Just store the raw text,
>>> don't apply addslashes() or whatever to it.
>>>
>>>
>>
>> Thanks for the awnser. I do the addslashes and stripslashes because I
>> want to prevent SQL injection attacks. (When inserting a value in a
>> DB that was entered by a visitor).
>
>
> addslashes() is not a fail-safe method for putting data into a MySQL
> database. Use mysql_real_escape_string(), which is designed for this
> purpose.
>
>
>

I see. Thanks! :)

--
----------------------------------
- ByteCoder -
- "Da Evul Dootchie" -
- Qnl0ZUNvZGVyQHBsYW5ldC5ubA== -
----------------------------------

Navigation:

Next in forum: Re: Change value in result
Prev in forum: Re: Change value in result
Thread view: Re: Change value in result

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация