izzy Posted July 12, 2006 Share Posted July 12, 2006 How can i stop people from getting to my database by entering php/mysql code into the forms i use on my site.Think of ...login fieldregistration formsearch fieldetc.Greetings,Izzy Quote Link to comment https://forums.phpfreaks.com/topic/14367-secure-php-form/ Share on other sites More sharing options...
wildteen88 Posted July 12, 2006 Share Posted July 12, 2006 You should use a function called mysql_real_escape_string which will help to prevent SQL Injection attacks when dealling with data that gets sent to a database, such as login forms. Also you should use a function called strip_tags too to stop HTML/javascript from being entered in to your forms too.Other functions you should use htmlentied / htmlspecialchars, addslashesYou should never use raw data that has been inputted by users. Quote Link to comment https://forums.phpfreaks.com/topic/14367-secure-php-form/#findComment-56669 Share on other sites More sharing options...
izzy Posted July 12, 2006 Author Share Posted July 12, 2006 I'll chek it out.Thanks for the info.Greetings,Izzy Quote Link to comment https://forums.phpfreaks.com/topic/14367-secure-php-form/#findComment-56685 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.