jas4 Posted June 4, 2007

a placement received through uni (well, that's a lie actually... have 2 interviews tomorrow!.. but hopeful) where I will have to develop a front end and back end to this company's site. Done plenty of sites/databases etc. in uni, but not anything that I would consider up to a secure/good enough standard yet. Obviously I want to learn how to do this and this placement would be perfect. A couple of the things I'm worried about are the back end stuff, such as SQL injection, and just generally making sure it's watertight code. Any help/advice would be appreciated. Cheers

per1os Posted June 4, 2007

I use this for SQL injection. Note it works with MySQL, but you may need to change the mysql_real_escape_string code to fit the DB you are working with. This will require a DB connection to escape.

<?php
// If magic quotes are enabled, strip the slashes they added before escaping,
// so the value is not escaped twice.
function escape_string($string) {
    return get_magic_quotes_gpc()
        ? mysql_real_escape_string(stripslashes($string))
        : mysql_real_escape_string($string);
}
?>

Using that on any strings that come from a form should prevent SQL injection.
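
An added example, not part of the original posts: the escape-then-concatenate approach from the reply above next to a bound placeholder, run on the same constructed form value. It assumes PHP with the pdo_sqlite extension; the table, the function names and the `escape_only()` stand-in for mysql_real_escape_string() are hypothetical.

```php
<?php
// Added example: in-memory SQLite through PDO so it runs offline.
// Table, column and function names are hypothetical; rows are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('o''brien')");

// Stand-in for mysql_real_escape_string(): SQLite escapes ' by doubling it.
function escape_only(string $value): string {
    return str_replace("'", "''", $value);
}

// Weak: the escaped value is concatenated into an unquoted numeric context,
// so the database still parses it as SQL.
function find_by_id_concat(PDO $db, string $id): array {
    $sql = 'SELECT name FROM users WHERE id = ' . escape_only($id);
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened: the placeholder keeps the value out of the SQL text entirely.
function find_by_id_prepared(PDO $db, string $id): array {
    $stmt = $db->prepare('SELECT name FROM users WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened string lookup: quotes in the value need no manual escaping.
function find_by_name_prepared(PDO $db, string $name): array {
    $stmt = $db->prepare('SELECT name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$input = '1 OR 1=1'; // constructed form value; contains no quote to escape
printf("escaped + concatenated: %d row(s)\n", count(find_by_id_concat($db, $input)));
printf("prepared statement:     %d row(s)\n", count(find_by_id_prepared($db, $input)));
printf("prepared, name lookup:  %d row(s)\n", count(find_by_name_prepared($db, "o'brien")));
```

Escaping only neutralises quote characters inside a quoted string literal, so the concatenated numeric lookup matches every row while the bound version matches none. The same placeholder pattern is available for MySQL through PDO or mysqli.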

chrisuk Posted June 4, 2007

another vote for mysql_real_escape_string here