Page 1 of 1

addslashes vs escapeshellcmd

Posted: Mon Feb 23, 2004 1:51 pm
by Overunner
Hello...

I am currently working on a 'secure' login script and wonder if it is more secure to query the database with a 'slashed'-variable, or an 'escaped'-variable.

Posted: Mon Feb 23, 2004 1:54 pm
by markl999
Maybe with a <db>_escape_string() like mysql_escape_string() ?