Dragen Posted May 18, 2007 Share Posted May 18, 2007 Hi, not sure if this should be in the php or mysql section.. I'm just wondering what kind of things I should do to make sure that inputs from a form are safe to put into a mysql table? I'm currently using ereg() on an input to make sure that only numbers are entered, but on other forms I've got thiongs such as names and other details. How do I make sure that they're not going to break my table? Thanks Quote Link to comment https://forums.phpfreaks.com/topic/51973-make-data-safe-to-input-to-mysql-database/ Share on other sites More sharing options...
Bramme Posted May 18, 2007 Share Posted May 18, 2007 //removing quotes from inputs function quote($value) { if (get_magic_quotes_gpc()) { $value = stripslashes($value); } if (!is_numeric($value)) { $value = "'" . mysql_real_escape_string($value) . "'"; } return $value; } this is a function i once got from somebody else, preventing people to try and get information from your database tables by entering ''s and what not... (there's a specific term for this, but i forgot it ) Quote Link to comment https://forums.phpfreaks.com/topic/51973-make-data-safe-to-input-to-mysql-database/#findComment-256175 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.