jas4
Posted June 4, 2007

a placement received through uni (well, that's a lie actually... have 2 interviews tomorrow! ...but hopeful) where I will have to develop a front end and back end to this company's site. Done plenty of sites/databases etc. in uni, but not anything that I would consider up to a secure/good enough standard yet. Obviously I want to learn how to do this and this placement would be perfect. A couple of the things I'm worried about are the back end stuff, such as SQL injection, and just generally making sure it's watertight code. Any help/advice would be appreciated.

Cheers
per1os
Posted June 4, 2007

I use this for SQL injection. Note it works with MySQL, but you may need to change the mysql_real_escape_string code to fit the db you are working with. This will require a db connection to escape.

<?php
// Escape a form value for use in a MySQL query (needs an open mysql connection).
function escape_string($string) {
    // If magic quotes already added slashes, strip them first so the value
    // is not escaped twice.
    return get_magic_quotes_gpc()
        ? mysql_real_escape_string(stripslashes($string))
        : mysql_real_escape_string($string);
}
?>

Using that on any strings that come from a form should prevent SQL injection.
chrisuk
Posted June 4, 2007

Another vote for mysql_real_escape_string here.
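Added example, not code from any poster in this thread: it compares the escaping approach recommended above with a prepared statement, in both a quoted string position and an unquoted numeric position. Assumptions: the pdo_sqlite and sqlite3 extensions are loaded, SQLite3::escapeString() stands in for mysql_real_escape_string() (removed in PHP 7), and the table, function names and inputs are constructed for illustration.

```php
<?php
// Constructed data in an in-memory SQLite database, so this runs offline.
// SQLite3::escapeString() plays the role of mysql_real_escape_string() here;
// both escape quote characters and nothing else.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)");
$pdo->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");

// Count the rows a statement returns.
function rows(PDOStatement $stmt): int
{
    return count($stmt->fetchAll(PDO::FETCH_ASSOC));
}

// 1. Escaped value inside a quoted string literal: the quote is neutralised.
function by_name_escaped(PDO $pdo, string $name): int
{
    $sql = "SELECT * FROM users WHERE name = '" . SQLite3::escapeString($name) . "'";
    return rows($pdo->query($sql));
}

// 2. Escaped value in an unquoted numeric position: there is no quote to
//    escape, so the input is still parsed as SQL.
function by_id_escaped(PDO $pdo, string $id): int
{
    $sql = "SELECT * FROM users WHERE id = " . SQLite3::escapeString($id);
    return rows($pdo->query($sql));
}

// 3. Prepared statement: the value is bound as data in either position.
function by_id_prepared(PDO $pdo, string $id): int
{
    $stmt = $pdo->prepare("SELECT * FROM users WHERE id = :id");
    $stmt->execute([':id' => $id]);
    return rows($stmt);
}

$name = "x' OR '1'='1";   // constructed form input
$id   = "1 OR 1=1";       // constructed form input

printf("escaped, quoted string : %d row(s)\n", by_name_escaped($pdo, $name));
printf("escaped, bare number   : %d row(s)\n", by_id_escaped($pdo, $id));
printf("prepared statement     : %d row(s)\n", by_id_prepared($pdo, $id));
```

Only the second call returns rows it should not: escaping protects a value only inside a quoted literal, while a bound parameter is treated as data wherever it appears.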
Archived
This topic is now archived and is closed to further replies.