Comments on: Secure PHP and SQL Injections http://www.stuffbysarah.net/2006/03/18/secure-php-and-sql-injections/ PHP, WordPress and Business Ramblings Thu, 02 Feb 2012 19:31:59 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Sarah http://www.stuffbysarah.net/2006/03/18/secure-php-and-sql-injections/comment-page-1/#comment-16267 Sarah Tue, 20 Jan 2009 12:27:08 +0000 http://www.stuffbysarah.net/2006/03/18/secure-php-and-sql-injections/#comment-16267 Hi Marie. What version of PHP are you running on? the mysql function has been around for a while. Make sure you've already connected to MySQL before running it though. Feel free to post up the actual error you get from trying to use it and hopefully we can try and solve it for you :) Hi Marie. What version of PHP are you running on? the mysql function has been around for a while. Make sure you've already connected to MySQL before running it though. Feel free to post up the actual error you get from trying to use it and hopefully we can try and solve it for you :)

]]> By: Marie http://www.stuffbysarah.net/2006/03/18/secure-php-and-sql-injections/comment-page-1/#comment-16248 Marie Tue, 13 Jan 2009 13:55:44 +0000 http://www.stuffbysarah.net/2006/03/18/secure-php-and-sql-injections/#comment-16248 Very useful, thank you. Most of those issues I've already tried to solve on the site I'm working on, but unfortunately mysql_real_escape_string doesn't seem to be working for me/on my server. Will certainly use the "count" trick for logins. Very useful, thank you. Most of those issues I've already tried to solve on the site I'm working on, but unfortunately mysql_real_escape_string doesn't seem to be working for me/on my server.

Will certainly use the "count" trick for logins.

]]> By: Sarah http://www.stuffbysarah.net/2006/03/18/secure-php-and-sql-injections/comment-page-1/#comment-16076 Sarah Sun, 30 Nov 2008 15:29:52 +0000 http://www.stuffbysarah.net/2006/03/18/secure-php-and-sql-injections/#comment-16076 Hi Amine, I'm not quite sure what you're asking for. I use the escapeString function above to encode/clean up information received via all the super globals (GET, POST, COOKIE, SERVER etc), unless I use other means of error checking as outlined here - http://www.stuffbysarah.net/2007/11/21/secure-your-inputs/ Hi Amine, I'm not quite sure what you're asking for. I use the escapeString function above to encode/clean up information received via all the super globals (GET, POST, COOKIE, SERVER etc), unless I use other means of error checking as outlined here – http://www.stuffbysarah.net/20.....ur-inputs/

]]> By: Amine http://www.stuffbysarah.net/2006/03/18/secure-php-and-sql-injections/comment-page-1/#comment-16067 Amine Wed, 26 Nov 2008 18:33:35 +0000 http://www.stuffbysarah.net/2006/03/18/secure-php-and-sql-injections/#comment-16067 that's really interesting. I would like to ask a question: can we get a class which can encrypt the sent data and the recieved one from the $_GET, $_POST, ... for ex.?? that's really interesting. I would like to ask a question: can we get a class which can encrypt the sent data and the recieved one from the $_GET, $_POST, … for ex.??

]]> By: Stuff by Sarah » Portable PHP http://www.stuffbysarah.net/2006/03/18/secure-php-and-sql-injections/comment-page-1/#comment-1663 Stuff by Sarah » Portable PHP Sat, 15 Jul 2006 12:17:00 +0000 http://www.stuffbysarah.net/2006/03/18/secure-php-and-sql-injections/#comment-1663 [...] Don’t assume Magic Quotes are on, and to be honest, if they are, reverse their work and use a more secure method. [...] [...] Don't assume Magic Quotes are on, and to be honest, if they are, reverse their work and use a more secure method. [...]

]]>