Kibret Posted February 19, 2010 Share Posted February 19, 2010 Will it pretty much solve every threat? *and for database queries, mysql_real_escape_string() What other functions are there? Link to comment https://forums.phpfreaks.com/topic/192641-if-you-take-user-inputs-and-use-the-functions-strip_tags-and-addslashes/ Share on other sites More sharing options...
SchweppesAle Posted February 19, 2010 Share Posted February 19, 2010 Will it pretty much solve every threat? *and for database queries, mysql_real_escape_string() What other functions are there? use mysql_real_escape_string() instead. They'll be removing addslashes() from PHP6. In terms of security, if you want to be on the safe side you can cast your variables as well. //after fetching the variable $tableID $tableID = (int)$tableID; etc Link to comment https://forums.phpfreaks.com/topic/192641-if-you-take-user-inputs-and-use-the-functions-strip_tags-and-addslashes/#findComment-1014983 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.