ohdang888 Posted March 7, 2008 Share Posted March 7, 2008 do i need to protect myself from injections if i grab info from a database(which in this case if just an auto-increment user id, and cannot be any text, only numbers) and put it into a session????? Quote Link to comment Share on other sites More sharing options...
phpSensei Posted March 7, 2008 Share Posted March 7, 2008 Yes why not. Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted March 7, 2008 Author Share Posted March 7, 2008 well i was thinking that if that info was already cleaned up before it went into the database, when i draw it from the database there is no need to clean it anymore. Quote Link to comment Share on other sites More sharing options...
rameshfaj Posted March 7, 2008 Share Posted March 7, 2008 i think why do you need to take the value from the database and put it in the session,again it is the autoincreament field,that will be managed by the database when u insert data into the database. Any way if you are retrieving some values from db and putting it in the session for certain usage,then you need to clean it when the user logs out.I think it will simply be difficult to inject only getting the session values. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.