N-Bomb(Nerd) Posted May 18, 2009 Share Posted May 18, 2009 If I'm using prepared statements do I still need to escape the strings before I submit them? I'm aiming to avoid sql injections completely and I believe I was told prepared statements will avoid them all together. Quote Link to comment https://forums.phpfreaks.com/topic/158659-solved-quick-question/ Share on other sites More sharing options...
Daniel0 Posted May 18, 2009 Share Posted May 18, 2009 No, actually you should not do it or you'll have it double escaped so to speak. Quote Link to comment https://forums.phpfreaks.com/topic/158659-solved-quick-question/#findComment-836754 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.