Jump to content

Archived

This topic is now archived and is closed to further replies.

izzy

Secure php form

Recommended Posts

How can i stop people from getting to my database by entering php/mysql code into the forms i use on my site.
Think of ...
login field
registration form
search field
etc.

Greetings,
Izzy

Share this post


Link to post
Share on other sites
You should use a function called mysql_real_escape_string which will help to prevent SQL Injection attacks when dealling with data that gets sent to a database, such as login forms. Also you should use a function called strip_tags too to stop HTML/javascript from being entered in to your forms too.

Other functions you should use htmlentied / htmlspecialchars, addslashes

You should never use raw data that has been inputted by users.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.