shanejones Posted December 21, 2010 Share Posted December 21, 2010 Ok so I have these 2 functions set up to secure some things make_safe() is used before putting anything in the database. the make_viewable() function is used to display the data that was made safe. function make_safe($string) { // used before adding to db return addslashes($string); } function make_viewable($string) { // used before displaying anywhere return stripslashes($string); } is this enough or is there anything else to make this secure. Thanks Shane Link to comment https://forums.phpfreaks.com/topic/222314-security-functions/ Share on other sites More sharing options...
johnny86 Posted December 21, 2010 Share Posted December 21, 2010 Depends on what kind of data you have in your database and where it is coming from. And also how you want to show it. Can you be a little more specific on what you are storing and where/who provides it and how you will be showing your data? Link to comment https://forums.phpfreaks.com/topic/222314-security-functions/#findComment-1149980 Share on other sites More sharing options...
BlueSkyIS Posted December 21, 2010 Share Posted December 21, 2010 for input, if magic quotes is turned on, you'll want to stripslashes() on the input, not add them. then use mysql_real_escape_string() to prepare the value for insertion into the database. for output, you should not be storing extra slashes in your data, so stripslashes() would be incorrect as that would remove slashes that should actually be there. Link to comment https://forums.phpfreaks.com/topic/222314-security-functions/#findComment-1150001 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.