ds111 Posted July 22, 2009 Share Posted July 22, 2009 Hello, I am interested in learning more about preventing PHP SQL Injection. What is the safest procedure to read submitted form data via POST and insert it into MySQL? What is the safest way to process the data before displaying on the page? (to prevent XSS?) Do those procedures change if I have magic_quotes on or off? Thank you! Quote Link to comment Share on other sites More sharing options...
Adam Posted July 22, 2009 Share Posted July 22, 2009 I'd recommend reading this: http://www.phpfreaks.com/tutorial/php-security (speifically section 4) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.