Ensuring that your site is always as secure as possible is always a good idea and considered to be good php practice.
Escaping inputs is a easy as 1, 2, 3
If you have a database connection active use the following:
$escapedName = mysql_real_escape_string($_POST['name'])
If you don't have an active database connection or you don't use a database in your code use the following:
$escapedName = mysql_escape_string($_POST['name'])
Safe, Secure, ... Escaped
By PHPin24 @ 2008-11-24 00:01:07
|
