SQL Injection prevention

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Post by Mordred »

Code: Select all

if (get_magic_quotes_gpc()) { 
         $value = stripslashes($value); 
      }
This should not be here, it should be done globally in the beginning of the PHP execution, there are quite a few snippets posted here, and even some recent discussions iirc. Otherwise it's okay.
Post Reply