Comments

12 posts by 3 authors in: Forums > CMS Builder
Last Post: August 15, 2011

Re: [Christopherb] Comments

By Jason - August 15, 2011

Hi,

We normally use the mysql_escape function.

For example, an insert statement might look like this:

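// Numeric values are forced to integers with intval(); string values are
// escaped with mysql_escape() before being placed inside the quotes.
$query = "INSERT INTO `{$TABLE_PREFIX}articles` SET
createdDate = NOW(),
updatedDate = NOW(),
createdByUserNum = '".intval(@$CURRENT_USER['num'])."',
updatedByUserNum = '".intval(@$CURRENT_USER['num'])."',
title = '".mysql_escape(@$_REQUEST['title'])."',
content = '".mysql_escape(@$_REQUEST['content'])."'";

// Turn off MySQL strict mode so fields not listed above don't cause errors.
mysqlStrictMode(false);
mysql_query($query) or die ("Mysql Error: ".mysql_error()."<br/>\n");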


Hope this helps get you started.
---------------------------------------------------
Jason Sauchuk - Project Manager
interactivetools.com
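
The same insert written with PDO prepared statements, as an added example that is not part of the post above or of CMS Builder's own code: values are bound as parameters instead of being escaped into the SQL string, which also works on PHP 7 and later, where the mysql_* functions no longer exist. The cms_ prefix, the table layout, the sample user and request values, and the insertArticle() helper are assumptions made for illustration; an in-memory SQLite database stands in for MySQL so the example runs offline.

```php
<?php
// Added example (not from the original post). All names and values below are
// constructed for illustration.
$TABLE_PREFIX = 'cms_';                 // assumed table prefix
$CURRENT_USER = ['num' => '7'];         // constructed logged-in user
$_REQUEST     = [                       // constructed form input
    'title'   => "It's a test",
    'content' => "Quotes ' and \" and ; -- are stored as plain data",
];

// In-memory SQLite keeps the example offline; for MySQL only the DSN changes.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE {$TABLE_PREFIX}articles (
    num INTEGER PRIMARY KEY, createdDate TEXT, updatedDate TEXT,
    createdByUserNum INTEGER, updatedByUserNum INTEGER,
    title TEXT, content TEXT)");

function insertArticle(PDO $db, string $prefix, array $user, array $input): int
{
    // Only the trusted table prefix is interpolated; every value is a placeholder.
    $stmt = $db->prepare(
        "INSERT INTO {$prefix}articles
           (createdDate, updatedDate, createdByUserNum, updatedByUserNum, title, content)
         VALUES (CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, :createdBy, :updatedBy, :title, :content)"
    );
    $userNum = (int)($user['num'] ?? 0);
    $stmt->bindValue(':createdBy', $userNum, PDO::PARAM_INT);
    $stmt->bindValue(':updatedBy', $userNum, PDO::PARAM_INT);
    $stmt->bindValue(':title',   (string)($input['title'] ?? ''));
    $stmt->bindValue(':content', (string)($input['content'] ?? ''));
    $stmt->execute();
    return (int)$db->lastInsertId();
}

try {
    $num  = insertArticle($db, $TABLE_PREFIX, $CURRENT_USER, $_REQUEST);
    $read = $db->prepare("SELECT title, content FROM {$TABLE_PREFIX}articles WHERE num = :num");
    $read->execute([':num' => $num]);
    var_dump($read->fetch(PDO::FETCH_ASSOC)); // stored text matches the input exactly
} catch (PDOException $e) {
    // Log the database error server-side rather than printing it to the visitor.
    error_log('Article insert failed: ' . $e->getMessage());
    echo "Sorry, the article could not be saved.\n";
}
```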