Jump to content

is using htmlentities() to sanitize $_posts adequate protection?


cloudll

Recommended Posts

Ah ok, the only reason I was thinking about htmlentities is because wouldnt it allow me to see what someone was atempting to do? if they did try any injection?

 

would i use it like this:

 

$statement->execute(array mysql_real_escape_string($sector), mysql_real_escape_string ($battle,$id));

 

or am i supposed to use it like this?

 

$name = mysql_real_escape_string($_POST['admin_name']);

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.