Re: Question re: sql injection



shimmyshack wrote:
> On Jun 28, 10:28 pm, jb <jbri...@xxxxxxxxx> wrote:
>> does wrapping the string in double quotes somehow tell mysql to treat
>> the contents within as literal? Thus making it sql injection safe?
>
> just use mysql_real_escape_string throughout.

That won't cover things like Unicode SQL injection attacks for starters. Prepared statements are much safer but you need mysqli on your PHP installation (or a lot of voodoo with the standard mysql library).

--
Andrew Hutchings - LinuxJedi - http://www.linuxjedi.co.uk/
Windows is the path to the darkside...Windows leads to Blue Screen. Blue Screen leads to downtime. Downtime leads to suffering...I sense much Windows in you...
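
The three approaches discussed in this thread, side by side, as an added example that is not part of the original posts. The `users` table, its columns, the function names and the connection details are hypothetical placeholders, and the input value is constructed.

```php
<?php
// Constructed input containing the same quote character used to wrap it.
$name = 'x" OR "1"="1';

// 1. Quote wrapping only: the quote inside $name ends the string literal,
//    so the remainder is parsed by the server as SQL, not as data.
$wrapped = 'SELECT id FROM users WHERE name = "' . $name . '"';

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
// Placeholder credentials (assumption): replace with your own.
$db = new mysqli('localhost', 'app_user', 'app_password', 'app_db');

// Escaping is only correct for the character set the connection believes
// it is using, so set it through the API before escaping anything.
$db->set_charset('utf8mb4');

// 2. Escaping: safe only if every value is escaped, quoted, and the
//    connection character set above matches what the server decodes.
function find_ids_escaped(mysqli $db, string $name): array
{
    $sql = 'SELECT id FROM users WHERE name = "'
         . $db->real_escape_string($name) . '"';
    $ids = [];
    $result = $db->query($sql);
    while ($row = $result->fetch_row()) {
        $ids[] = (int) $row[0];
    }
    $result->free();
    return $ids;
}

// 3. Prepared statement: the query text and the value travel separately,
//    so the value is never parsed as SQL regardless of its contents.
function find_ids_prepared(mysqli $db, string $name): array
{
    $stmt = $db->prepare('SELECT id FROM users WHERE name = ?');
    $stmt->bind_param('s', $name);
    $stmt->execute();
    $stmt->bind_result($id);
    $ids = [];
    while ($stmt->fetch()) {
        $ids[] = (int) $id;
    }
    $stmt->close();
    return $ids;
}
```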