Re: SQL injection - mysql_real_escape_string()? | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
Hi Jacob, Yes, you need to do more than just using mysql_real_escape_string() solely. I recommend the book "SQL Antipatterns: Avoiding the Pitfalls of Database Programming" by Bill Karwin http://www.amazon.com/SQL-Antipatterns-Programming-Pragmatic-Programmers/dp/1934356557 -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php