School Assignment? Project Due Tomorrow? Chat LIVE With A Programming Expert!

Dream.In.Code > Programming Help > PHP > PHP Programmers

Welcome to Dream.In.Code
	Become an Expert! Join 307,117 Programmers for FREE! Get instant access to thousands of experts, tutorials, code snippets, and more! There are 2,009 people online right now. Registration is fast and FREE... Join Now! Chat LIVE With a Expert

mysql_real_escape_string() or sanitize?

mysql_real_escape_string() or sanitize?

dangmnx	16 Aug, 2009 - 11:27 PM Post #1
D.I.C Head Joined: 10 Apr, 2009 Posts: 248 My Contributions	I've been looking at mysql_real_escape_string() and sanitizing, what are the difference? and which function should i use to prevent against sql injection mysql_real_escape_string() or sanitize () This post has been edited by dangmnx: 16 Aug, 2009 - 11:27 PM
	This Post Was Helpful!

Register for Free to Make These Ads Go Away!

Wimpy	RE: Mysql_real_escape_string() Or Sanitize? 17 Aug, 2009 - 12:53 AM Post #2
I feel happy... singing Joined: 2 May, 2009 Posts: 958 Thanked: 132 times Dream Kudos: 75 My Contributions	There is no native PHP function called sanitize... So definitely mysql_real_escape_string()! QUOTE(dangmnx @ 17 Aug, 2009 - 09:27 AM) I've been looking at mysql_real_escape_string() and sanitizing, what are the difference? and which function should i use to prevent against sql injection mysql_real_escape_string() or sanitize ()
	This Post Was Helpful!

ShaneK	RE: Mysql_real_escape_string() Or Sanitize? 17 Aug, 2009 - 04:29 AM Post #3
require_once("brain.php"); //Fatal error :/ Joined: 10 May, 2009 Posts: 701 Thanked: 47 times Dream Kudos: 75 Expert In: PHP, MySQL My Contributions	mysql_real_escape_string is about as safe as you can get your input with mysql_* functions. Sanitize() is a function made by somebody for people who aren't sure if they have the mysql_real_escape_string function, if you don't it uses addslashes (corrected by Wimpy lol), if you do it uses mysql_real_escape_string...I think...I'm not sure, I haven't looked at that function in a while... But if you have it, I'd go with mysql_real_escape_string, since Sanitize() just takes more time (only a little) just checking if it's there or not... Yours, Shane~ This post has been edited by ShaneK: 17 Aug, 2009 - 02:39 PM
	This Post Was Helpful!

Wimpy	RE: Mysql_real_escape_string() Or Sanitize? 17 Aug, 2009 - 09:18 AM Post #4
I feel happy... singing Joined: 2 May, 2009 Posts: 958 Thanked: 132 times Dream Kudos: 75 My Contributions	Almost correct, "it uses stripslashes" should be "it uses addslashes". QUOTE(ShaneK @ 17 Aug, 2009 - 02:29 PM) mysql_real_escape_string is about as safe as you can get your input with mysql_* functions. Sanitize() is a function made by somebody for people who aren't sure if they have the mysql_real_escape_string function, if you don't it uses stripslashes, if you do it uses mysql_real_escape_string...I think...I'm not sure, I haven't looked at that function in a while... But if you have it, I'd go with mysql_real_escape_string, since Sanitize() just takes more time (only a little) just checking if it's there or not... Yours, Shane~
	This Post Was Helpful!

ShaneK	RE: Mysql_real_escape_string() Or Sanitize? 17 Aug, 2009 - 02:36 PM Post #5
require_once("brain.php"); //Fatal error :/ Joined: 10 May, 2009 Posts: 701 Thanked: 47 times Dream Kudos: 75 Expert In: PHP, MySQL My Contributions	Lol, wow, yeah... That's what I meant XD Working on stupid servers with magic quotes enabled leaves me thinking about stripslashes Yours, Shane~
	This Post Was Helpful!

Fast Reply

Reply to this topic

Start new topic

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Time is now: 11/21/09 01:29PM

Invision Power Board v2.1.7 © 2009 IPS, Inc.

Licensed to: MediaGroup1

Advertising | Terms of Use | Privacy Policy | About Us | Site Map

Advertise on this site through Lake Quincy Media

Forum Index: Programming Help | C and C++ | VB6 | Java | VB.NET | C# | ASP.NET | PHP | ColdFusion | Perl and Python | Ruby | Databases | Other Languages | Game Programming | Mobile Development | Software Development | Computer Science | Industry News | Programming Tutorials | C++ Tutorials | Visual Basic Tutorials | Java Tutorials | VB.NET Tutorials | C# Tutorials | Linux Tutorials | PHP Tutorials | ColdFusion Tutorials | Windows Tutorials | HTML/JavaScript Tutorials | CSS Tutorials | Flash Tutorials | Web Promotion Tutorials | Graphic Design & Photoshop Tutorials | Software Development Tutorials | Database Tutorials | Other Language Tutorials | ASP.NET Tutorials | Game Programming Tutorials | WPF & Silverlight Tutorials |

Copyright 2001-2008 MediaGroup1 LLC, All Rights Reserved
A MediaGroup1 LLC Production - Version 6.0.2.1.36
Server: secure2

Search^Updated!w00t

Over 509,000 Pages! Advanced Forum Search

Live Help!

Be Social

Tutorials

Programming

Web Development

Reference Sheets

Code Snippets

DIC Chatroom

Join our IRC Chat

Bye Bye Ads

Monthly Drawing

Top Contributors

Top 10 Kudos This Month