Jump to content

Passing values in URL


Stephen68

Recommended Posts

Ok I was told that doing this was not really safe and that people can add stuff to the end of it

to mess things up. With this is as longs as I use

strip_tags()

and

mysql_real_escape_string()

and maybe cast to the type I would like (string,int) It should be ok.

 

AM I correct in my thinking on this?

 

Stpehen

Link to comment
https://forums.phpfreaks.com/topic/176988-passing-values-in-url/
Share on other sites

mysql_real_escape_string() is used in conjunction with a cleaning variables for use with a database.  using it without an sql connection will result in an error.

 

but yes, you are correct in thinking that cleaning variables is a good idea.  i'm sure there are thousands of threads already created about this exact same topic .. why not try searching the forums to see what you can find.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.