[PHP] Anti MYSQL injection

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
thiscatis
Forum Contributor
Posts: 434
Joined: Thu Jul 20, 2006 11:00 am

[PHP] Anti MYSQL injection

Post by thiscatis »

Hi!

Is there an easy way of protecting your php pages against mysql injections?
I remember seeing something like that once..

greetings,
thiscatis
User avatar
kaszu
Forum Regular
Posts: 749
Joined: Wed Jul 19, 2006 7:29 am

Post by kaszu »

User avatar
andym01480
Forum Contributor
Posts: 390
Joined: Wed Apr 19, 2006 5:01 pm

Post by andym01480 »

Checking all user input in forms is what you want it to be. http://pixelated-dreams.com/uploads/mis ... tSheet.pdf

Globals off - default in >4

Making sure all variables are unset before use incase someone adds them to the url eg
http://www.url.com?variable=naughtyvalue

mysql_real_escape_string http://uk2.php.net/manual/en/function.m ... string.php
Post Reply