Black Webmasters Forum

 


11-13-2011, 01:21 PM
Preventing php injection article

While making a test script I learned that using addslashes() is not the best way to prevent php injection.

Try mysql_real_escape_string() instead.

Last month, I discussed Google's XSS Vulnerability and provided an example that demonstrates it. I was hoping to highlight why character encoding consistency is important, but apparently the addslashes() versus mysql_real_escape_string() debate continues. Demonstrating Google's XSS vulnerability is pretty easy. Demonstrating an SQL injection attack that is immune to addslashes() is a bit more involved, but still pretty straightforward.

Read the rest here.
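
Why character encoding consistency matters for escaping, as an added example that is not part of the original post or of the article it links to: the Python functions below emulate the byte-wise behaviour of addslashes() and then read the result the way a server decoding in a given character set would. The GBK connection charset, the function names and the sample bytes are assumptions constructed for illustration.

```python
"""Added illustration: byte-wise escaping versus the connection charset."""
from __future__ import annotations

# Bytes that PHP's addslashes() prefixes with a backslash: ' " \ (NUL becomes \0).
_NEEDS_SLASH = {0x27, 0x22, 0x5C}

# Constructed sample input: harmless text, one high byte, one single quote.
SAMPLE = b"caf\xbf'"


def addslashes(raw: bytes) -> bytes:
    """Emulate addslashes(): escapes byte by byte, with no charset awareness."""
    out = bytearray()
    for b in raw:
        if b == 0x00:
            out += b"\\0"
        elif b in _NEEDS_SLASH:
            out += bytes([0x5C, b])
        else:
            out.append(b)
    return bytes(out)


def unescaped_quotes(escaped: bytes, charset: str) -> list[int]:
    """Decode as the server would; return offsets of quotes left unescaped."""
    text = escaped.decode(charset)
    hits, i = [], 0
    while i < len(text):
        if text[i] == "\\":
            i += 2  # a backslash escapes the character after it
            continue
        if text[i] == "'":
            hits.append(i)
        i += 1
    return hits


def escaping_survives(raw: bytes, charset: str) -> bool:
    """True if every quote is still escaped once decoded in `charset`."""
    return not unescaped_quotes(addslashes(raw), charset)


if __name__ == "__main__":
    for cs in ("latin-1", "gbk"):
        print(cs, addslashes(SAMPLE), "safe" if escaping_survives(SAMPLE, cs) else "quote exposed")
```

Under latin-1 the added backslash stays a separate character and the quote remains escaped; under GBK the high byte and the backslash decode as one character, so the quote is no longer escaped. A character-set-aware escape such as mysql_real_escape_string(), or bound parameters, does not rely on that byte-level assumption.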