How to prevent SQL Injection?: PHPFusion 8 Support

Home
Search

Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.

Hello,

i'm working on an infusion where i have to post data.
How can i make sure that there won't be any SQL injections?

Currently i use it like this:

Code Download source


if(isset($_POST['sample_field'])){
  $samplefield = stripinput($_POST['sample_field']);
  dbquery("insert into ".DB_SAMPLE_TABLE."(sample_field)values('$samplefield')");
}

is the useof stripinput enough or should i use the add_slashes method in addition to that?

0 replies

stripinput will do the trick :)

0 replies

http://php.net/manual/en/function.htm...lchars.php

0 replies

-
PHPFusion:
stripinput();
Study the functions of "maincore.php"

Native PHP:
PDO::prepare();
http://www.php.net/manual/en/intro.pd...ro.pdo.php

Regards,

-

0 replies

Ah great thank you guys :)

0 replies

Category Forum

Content Administration - 8

Labels

None yet

Statistics

Views 0 views
Posts 4 posts
Votes 0 votes
Topic users 4 members

4 participants

Notifications

Track thread

You are not receiving notifications from this thread.

How to prevent SQL Injection?

4 posts

PHPFusion

Resources

Community

Development