Reply to Re: [PHP] MySql injections (related question)

Your name:

Reply:


Posted by James Williams on 05/12/05 22:39

I'm pretty sure that, in order to use mysql_real_escape_string() you
must have magic quotes off or use stripslashes first... the same as
addslashes, so it should work if you just search and replace. Don't
quote me on that though

On 5/12/05, Richard Lynch <ceo@l-i-e.com> wrote:
> On Wed, May 11, 2005 8:27 pm, James Williams said:
> > On 5/11/05, Richard Lynch <ceo@l-i-e.com> wrote:
> >> Is mysql_real_escape_string *DIFFERENT* in some incredibly huge secure
> >> way
> >> that I want to stop working on all my current projects to go re-write
> >> the
> >> 10,000,000 lines of code?
> >
> > 2 words: Search & Replace.
>
> 2 words: Magic Quotes
>
> --
> Like Music?
> http://l-i-e.com/artists.htm
>
>


--
jamwil.com

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация