Escape string
Posted: Sat Aug 07, 2004 3:40 am
I was looking at escape string at mysql doc's, and read there that Esc String can significantely help in DB security.
My question is:
Do I need to add mysql_escape_string to the code if I have apache 1.31.x and PHP 4.34 or PHP 5.0
I tested the forms on my computer, and for every ' or " it replaced to \.
Does this mean that I don't need to worry about escape characters and strings, or do I need to include mysql_escape_string in the code?
Is it true that with this function you can prevent DOS, DDOS attacks ?
Thanks Ahead !
My question is:
Do I need to add mysql_escape_string to the code if I have apache 1.31.x and PHP 4.34 or PHP 5.0
I tested the forms on my computer, and for every ' or " it replaced to \.
Does this mean that I don't need to worry about escape characters and strings, or do I need to include mysql_escape_string in the code?
Is it true that with this function you can prevent DOS, DDOS attacks ?
Thanks Ahead !