izzy Posted July 12, 2006 Share Posted July 12, 2006 How can i stop people from getting to my database by entering php/mysql code into the forms i use on my site.Think of ...login fieldregistration formsearch fieldetc.Greetings,Izzy Link to comment https://forums.phpfreaks.com/topic/14367-secure-php-form/ Share on other sites More sharing options...
wildteen88 Posted July 12, 2006 Share Posted July 12, 2006 You should use a function called mysql_real_escape_string which will help to prevent SQL Injection attacks when dealling with data that gets sent to a database, such as login forms. Also you should use a function called strip_tags too to stop HTML/javascript from being entered in to your forms too.Other functions you should use htmlentied / htmlspecialchars, addslashesYou should never use raw data that has been inputted by users. Link to comment https://forums.phpfreaks.com/topic/14367-secure-php-form/#findComment-56669 Share on other sites More sharing options...
izzy Posted July 12, 2006 Author Share Posted July 12, 2006 I'll chek it out.Thanks for the info.Greetings,Izzy Link to comment https://forums.phpfreaks.com/topic/14367-secure-php-form/#findComment-56685 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.