regenx Posted March 11, 2012 Share Posted March 11, 2012 Hi, with this php function you can stop 99% from SQL injections on your php register page. From today you are safe! Trust me. I recommend you to use this function... function madSafety($string) { $string = stripslashes($string); $string = strip_tags($string); $string = mysql_real_escape_string($string); return $string; } Quote Link to comment Share on other sites More sharing options...
wazy Posted March 11, 2012 Share Posted March 11, 2012 strips the entered query to prevent injection Quote Link to comment Share on other sites More sharing options...
regenx Posted March 11, 2012 Author Share Posted March 11, 2012 Yes, this function is perfect! No programs or php/mysql programmer can not pass such a function ;) Quote Link to comment Share on other sites More sharing options...
Sanchoz Posted March 26, 2012 Share Posted March 26, 2012 how to install it? Quote Link to comment Share on other sites More sharing options...
regenx Posted March 27, 2012 Author Share Posted March 27, 2012 <?php function madSafety($string) { $string = stripslashes($string); $string = strip_tags($string); $string = mysql_real_escape_string($string); return $string; } Your php register code here.... ..... Your end code ..... ?> Something like that .... Good Luck & Have Fun! Quote Link to comment Share on other sites More sharing options...
Fabian Posted April 18, 2012 Share Posted April 18, 2012 The best method are prepared statements Siegels 1 Quote Link to comment Share on other sites More sharing options...
regenx Posted April 23, 2012 Author Share Posted April 23, 2012 Wh The best method are prepared statements What do you mean with prepared statements? btw... -- this is wrong way $string = mysql_real_escape_string($string); $string = stripslashes($string); $string = strip_tags($string); -- this is safe way $string = stripslashes($string); // Keep your usernames clean $string = strip_tags($string); // Kill all tags like html tags, etc.. $string = mysql_real_escape_string($string); // Anti-injection Quote Link to comment Share on other sites More sharing options...
Fabian Posted April 28, 2012 Share Posted April 28, 2012 http://php.net/manual/de/pdo.prepared-statements.php Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.