Search found 4 matches
- Mon May 21, 2012 9:24 am
- Forum: PHP - Code
- Topic: MySQLReal_Escape_String and Strip_tags protection
- Replies: 6
- Views: 463
Re: MySQLReal_Escape_String and Strip_tags protection
Well, someone told me, an SQL injection can be done here: 0); DROP TABLE photos; --
- Mon May 21, 2012 9:18 am
- Forum: PHP - Code
- Topic: MySQLReal_Escape_String and Strip_tags protection
- Replies: 6
- Views: 463
Re: MySQLReal_Escape_String and Strip_tags protection
Well both your answers are good, but I prefer to take the first one as it has simplified the code, I mean remove the key value lol... THANK YOU BOTH OF YOU GUYS... You are great...Im new here...and Im satisfied of this forum.. 
- Mon May 21, 2012 8:54 am
- Forum: PHP - Code
- Topic: MySQLReal_Escape_String and Strip_tags protection
- Replies: 6
- Views: 463
Re: MySQLReal_Escape_String and Strip_tags protection
Yes, that's the problem, any suggestion how to protect it? I'm a newbie
- Mon May 21, 2012 8:13 am
- Forum: PHP - Code
- Topic: MySQLReal_Escape_String and Strip_tags protection
- Replies: 6
- Views: 463
MySQLReal_Escape_String and Strip_tags protection
I have a FOR EACH loop, which is applied on a check-box, but when I applied protections to protect it against SQL injection and XSS, it gives me errors. Here the codes below: The check-box name is: <input type="checkbox" name="delete[]" value="'.$row['img_ID'].'"/> if (...