
Thread: PHP function isn't working!

  1. #11
    Just wanna add: NEVER TRUST YOUR USER

    http://www.php.net/addslashes

    http://www.php.net/strip_tags
    I find that mysql_real_escape_string works the best as no matter what they put in or how you escape things it's not going to break the query.

    The other thing is to surround the column name with ticks, which means that it accepts both the int and string of a number, e.g.

    $where = "where PARENT_ID='$parent_id' and CHILD_ID='$child_id' ";

    Cheers,
    Niggles

  2. #12
    Senior Member | Join Date: Oct 2003 | Location: MA | Posts: 1,052
    That is only part of the function anyways. There are a bunch of functions in an includes function that call each other to build the queries and inserts, and they are all cleaned going in and coming out.

  3. #13
    Senior Member | Join Date: Mar 2003 | Location: central il | Posts: 1,779
    I'm not a big fan of sql real escape... we know that the var should not have any SQL... a simple regex should tell us if there is any non-expected char; just discard the bad input with a nasty response.
    Who is more trustworthy than all of the gurus or Buddhas?

  4. #14
    I'm not a big fan of sql real escape... we know that the var should not have any SQL..
    I find it's useful for letting characters such as ' or " be entered into comment fields or in CMS backend without risk of terminating the SQL command.
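
The two positions in posts #13 and #14, side by side, as an added example that is not code from any poster in this thread: a digits-only check for the ID fields, and free text containing ' and " stored safely. It uses PDO bound parameters in place of mysql_real_escape_string (that function was removed in PHP 7). The `links` table, the `COMMENT` column, the helper names and the sample inputs are hypothetical, and the pdo_sqlite extension is assumed to be available.

```php
<?php
// Added example, not from the thread. PARENT_ID and CHILD_ID follow post #11;
// the table name, COMMENT column and all sample values are constructed.

// Post #13's approach: an ID is digits only; anything else is rejected.
function require_id(string $raw): int
{
    // \A and \z anchor the whole string, so a trailing newline cannot slip past.
    if (preg_match('/\A[0-9]{1,9}\z/', $raw) !== 1) {
        throw new InvalidArgumentException('bad id');
    }
    return (int) $raw;
}

// In-memory SQLite database so the example runs without a MySQL server.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE links (PARENT_ID INTEGER, CHILD_ID INTEGER, COMMENT TEXT)');

// Post #14's case: free text with ' and " is sent as a bound parameter,
// so it is never concatenated into the SQL string.
$insert = $db->prepare('INSERT INTO links (PARENT_ID, CHILD_ID, COMMENT) VALUES (?, ?, ?)');
$insert->execute([1, 2, 'It\'s a "quoted" comment']);

function find_comment(PDO $db, string $parent, string $child): ?string
{
    // Validate first, then bind: the query text itself never changes.
    $stmt = $db->prepare('SELECT COMMENT FROM links WHERE PARENT_ID = ? AND CHILD_ID = ?');
    $stmt->execute([require_id($parent), require_id($child)]);
    $row = $stmt->fetchColumn();
    return $row === false ? null : $row;
}

// Well-formed IDs: the stored comment is returned unchanged.
var_dump(find_comment($db, '1', '2'));

// Constructed non-numeric input: discarded before any query is run.
try {
    find_comment($db, '1 OR 1=1', '2');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```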
