another way to use mysql_real_escape_string instead trim(stripslashes(

Webmasters:
If you have a web page related to this topic, Click here to Add Your Link.

Reply Your Comments:
Click this button if you are interested in replying to this topic and leave your comments

Sent To Friend
CLick this button if you want to send this page to a friend.

Subscribe to RSS
CLick this button if you want to subscribe to this RSS Feed. You can use your browsers feeds burners if you have mozilla or internet explorer 7 or higher and keep up with updates.

Forums Index
» MYSQL Forums
» » another way to use mysql_real_escape_string instead trim(stripslashes(

another way to use mysql_real_escape_string instead trim(stripslashes(
Post Description: another way to use mysql real escape string instead trimstripslashes MYSQL
Post Tags:
This Post Has Been Viewed 1148 Times Since Sun Feb 10, 2008 5:28 pm Author hostman with 7 replies

another way to use mysql_real_escape_string instead trim(stripslashes(

Advertise On This Page

sometimes mysql doesn't let you insert data into your database unless its cleaned.

an good way to do this is with the function: mysql_real_escape_string()

example: mysql_real_escape_string($_POST['somedata'])

but its better to use this instead:
trim(stripslashes($_POST['somedata']))

WARNING: but if you have a website, you MUST use mysql_real_escape_string() for security

Leave Your Comments

You Must Have Javascript Enabled to Submit This Form
Help: how to enable javascript

Subscribe [RSS]

Share this page by putting this URL in your comments to other websites like myspace, Facebook, Twitter friendster, Hi5, Groups, Boards, Forum or others. Just Copy and Paste this Code

URL:

To embed this topic, just copy the code from the "Embed" box. Once you've copied the code, just paste it into your website or blog to embed it.

Embed:

BBCODE is use on forums. You can put this code on all your BBCODE enabled forums like PhpBB, vBulletin� and others. Just Copy and Paste this code on your Posts and Replies on your forums

BBCODE:

Webmasters - Exchange Links With Us. Add related websites to this topic

Links Related to : another way to use mysql_real_escape_string instead trim(stripslashes(

Comments and replies About another way to use mysql_real_escape_string instead trim(stripslashes(

:: 1 :: Reply #64155 Reply By Wayne On Thu Jul 31, 2008 8:11 am

Wayne:

no. stripslashes can be fooled. mysql_real_escape_string is the only action to take against sql injection

:: 2 :: Reply #64812 Reply By ditro On Mon Aug 04, 2008 11:05 am

ditro:

sql error similar

:: 3 :: Reply #64813 Reply By erew On Mon Aug 04, 2008 11:06 am

erew:

what.is

:: 4 :: Reply #94418 Reply By shawn On Thu Feb 19, 2009 12:38 pm

shawn:

this is wrong... the function would be addslashes. e.g., trim(addslashes($_post['somedata'

:: 5 :: Reply #94604 Reply By This On Sat Feb 21, 2009 10:26 am

This:

this is horribly wrong, do not use this advice.

:: 6 :: Reply #105078 Reply By horrified On Tue Jun 02, 2009 1:35 am

horrified:

stripslashes, to sanatise pre-db entry?

is this site a hacking site wanting people to have hghly insecure scripts?

anyone reading this, forget add and strip slashes. use mysql_real_escape_string()

i you get slashes from php from some other place, then use stripslashes by all means

:: 7 :: Reply #109748 Reply By i20 On Sat Jul 18, 2009 1:03 am

i20:

first it's not strip but addslashes to escape illegal characters and second nothing can replace mysql_real_escape_string() for stop injection because this function has been created exactly to protect your mysql_query!! "trim(stripslashes($_post['someda is a joke!