regenx Posted March 11, 2012 Posted March 11, 2012 Hi, with this php function you can stop 99% from SQL injections on your php register page. From today you are safe! Trust me. I recommend you to use this function... function madSafety($string) { $string = stripslashes($string); $string = strip_tags($string); $string = mysql_real_escape_string($string); return $string; } Quote
regenx Posted March 11, 2012 Author Posted March 11, 2012 Yes, this function is perfect! No programs or php/mysql programmer can not pass such a function ;) Quote
regenx Posted March 27, 2012 Author Posted March 27, 2012 <?php function madSafety($string) { $string = stripslashes($string); $string = strip_tags($string); $string = mysql_real_escape_string($string); return $string; } Your php register code here.... ..... Your end code ..... ?> Something like that .... Good Luck & Have Fun! Quote
Fabian Posted April 18, 2012 Posted April 18, 2012 The best method are prepared statements Siegels 1 Quote
regenx Posted April 23, 2012 Author Posted April 23, 2012 Wh The best method are prepared statements What do you mean with prepared statements? btw... -- this is wrong way $string = mysql_real_escape_string($string); $string = stripslashes($string); $string = strip_tags($string); -- this is safe way $string = stripslashes($string); // Keep your usernames clean $string = strip_tags($string); // Kill all tags like html tags, etc.. $string = mysql_real_escape_string($string); // Anti-injection Quote
Fabian Posted April 28, 2012 Posted April 28, 2012 http://php.net/manual/de/pdo.prepared-statements.php Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.