Re: [PHP] Avoiding SQL injections: htmlentities() ?

Posted by tg-php on 03/27/05 07:12

Thanks a ton, Chris & Chris! Clear, concise and informative answers are always the best :) I knew the basic theory but never looked into the specifics on what, exactly, could be harmful in cases like this. In cases of security 'common sense' isn't always helpful because it's the uncommon sense that'll bite you in the behind.

Thanks again!

-TG

= = = Original message = = =

Chris Ramsay wrote:
> This is excellent:
>
> http://www.shiflett.org/

I'm glad you think so. :-)

There's a free article there on SQL injection:

http://shiflett.org/articles/security-corner-apr2004

I'm always refining the methods in which I explain things like SQL
injection, so my replies on this thread might be as good as or better than
that article. The article also has user comments at the bottom, so you
might find something useful there also.

Hope that helps.

Chris

--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/

