matskn Posted February 27, 2008 Share Posted February 27, 2008 Hi guys! my first post here.. Im working on a php/mysql script securing an apache server. I have SSL certificate auth, but will also implement a login site for users. What i need is to avoid all sqlinjections etc.. Generally to avoid all security breaches through my sessions and inputforms. I would also like to check wheter the input fields contain other chars than numbers and letters.. Best regards Quote Link to comment Share on other sites More sharing options...
trq Posted February 27, 2008 Share Posted February 27, 2008 What mysql interface are you using? If PDO, use prepared statements, these are pretty well safe of sql injection. Otherwise, mysql_real_escape_string should do a good job. Quote Link to comment Share on other sites More sharing options...
matskn Posted February 27, 2008 Author Share Posted February 27, 2008 dont have PDO im afraid :-\ got any good answer to check if a string only contains numbers and letters? Quote Link to comment Share on other sites More sharing options...
trq Posted February 27, 2008 Share Posted February 27, 2008 got any good answer to check if a string only contains numbers and letters? preg_match(). Quote Link to comment Share on other sites More sharing options...
matskn Posted February 27, 2008 Author Share Posted February 27, 2008 thanks :-) will try that out Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.