rondog Posted May 15, 2008 Share Posted May 15, 2008 Hi I was wondering if it is possible to do an SQL injection using the GET method and if so, what do you recommend I do to avoid it? Link to comment https://forums.phpfreaks.com/topic/105787-solved-injection-using-get-method/ Share on other sites More sharing options...
craygo Posted May 15, 2008 Share Posted May 15, 2008 assign your get values to a variable and use functions like mysql_real_escape_string() to remove things that may cause problems $data = mysql_real_escape_string($_GET['data']); Don't forget you need to be connected to your database for the function to work Ray Link to comment https://forums.phpfreaks.com/topic/105787-solved-injection-using-get-method/#findComment-542105 Share on other sites More sharing options...
rondog Posted May 15, 2008 Author Share Posted May 15, 2008 Ok ive heard of that recently and am going to start using that. For some reason I was thinking it was for POST only. Thanks! Link to comment https://forums.phpfreaks.com/topic/105787-solved-injection-using-get-method/#findComment-542107 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.