Lambneck Posted March 4, 2009 Share Posted March 4, 2009 This may be a dumb question but can sql injections be done through dates and ipadress's? I mean, I was wondering if it were necessary to use mysql_escape_string on things like date() and $_SERVER['REMOTE_ADDR']. Link to comment https://forums.phpfreaks.com/topic/147878-may-i-inject-a-simple-question/ Share on other sites More sharing options...
WolfRage Posted March 4, 2009 Share Posted March 4, 2009 Date is a php function so that should be safe. I have wondered about some of the $_SERVER variables though, but from what I have collected in my logs, nothing has been dangerous data, but I have not tried to attack myself using this technique either. Link to comment https://forums.phpfreaks.com/topic/147878-may-i-inject-a-simple-question/#findComment-776132 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.