Home page logo
/

basics logo Security Basics mailing list archives

Re: magic_quotes
From: Christoph 'knurd' Jeschke <christoph.jeschke () gmail com>
Date: Tue, 21 Jun 2005 02:05:38 +0200

Steve Hillier schrieb:

You should be using mysql_escape_string() to sanitise your input
strings if you're going to be using them as-is inside SQL statements.

Better use Stored Procedures (MySQL5) and mysql_real_escape_string
instead of mysql_escape_string.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]