Protection against SQL injection attacks!!!
Posted: Mon Mar 08, 2004 6:44 pm
I am having some troubles with others using SQL injection within my site. Is there any method to remove or replace specific characters like *, ;, ',", etc etc, from login or sign-up forms..
I have tried:
$username = str_replace("''","'", $username);
And still had no luck. Any suggestions will help.
Regards
Joe
I have tried:
$username = str_replace("''","'", $username);
And still had no luck. Any suggestions will help.
Regards
Joe