List:General Discussion« Previous MessageNext Message »
From:starmonkey Date:March 7 2006 4:35am
Subject:Re: is this safe against sql-injection?
View as plain text  
> Date: Sun, 5 Mar 2006 16:59:13 +0100
> To: mysql@stripped
> From: Jochen Kaechelin <fvgi242ss@stripped>
> Subject: is this safe against sql-injection?
> Message-Id: <200603051659.14425.fvgi242ss@stripped
> Can somebody give me some general hints how to prevent
> sql-injection?

You may also want to consider the use of the PECL/filter extension 
(http://pecl.php.net/package/filter) which 'automagically' sanitizes 
user input. Rasumus uses this himself, see his article here:

http://toys.lerdorf.com/archives/38-The-no-framework-PHP-MVC-framework.html

cheers,
scott

Thread
is this safe against sql-injection?Jochen Kaechelin5 Mar
  • Re: is this safe against sql-injection?Ludwig Pummer6 Mar
Re: is this safe against sql-injection?starmonkey7 Mar