Re: The best way to protect SQL injection?

---

• From: "www.gerardvignes.com" <gerardvignes@xxxxxxxxx>
• Date: 26 Dec 2006 08:08:26 -0800

---

I wrote a simple PHP function for handling string arguments to a SQL
Query:

function SqlEscapedQuotedString($unescaped_string) {
return '"' . addslashes($unescaped_string) . '"';
}

I never accept a SQL Query from the client, only an Argument to a SQL
Query on the server.

Gerard Vignes
http://www.GerardVignes.com
Seattle, WA

.

---

• Follow-Ups:
  • Re: The best way to protect SQL injection?
    • From: Dikkie Dik

• References:
  • The best way to protect SQL injection?
    • From: Alucard

• Prev by Date: Re: Chage script for Linux servers?
• Next by Date: compile error
• Previous by thread: Re: The best way to protect SQL injection?
• Next by thread: Re: The best way to protect SQL injection?
• Index(es):
  • Date
  • Thread

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)