Sql security

Joe · Aug 13, 2006

hi
i've been talking to people
*ahem*SV and Scoot*ahem*
and i believe that my sql database can be hacked.
is it possible to make it more secure
and also, what is this 'mysql_real_escape_string' and how do i use it?

thanks

Joe

Scott · Aug 13, 2006

mysql_real_escape_string -- Escapes special characters in a string for use in a SQL statement. This function must always (with few exceptions) be used to make data safe before sending a query to MySQL.

More information: http://www.php.net/mysql_real_escape_string

bay · Aug 13, 2006

You don't really need to use mysql_real_escape_string for passwords that are hashed in md5, because md5 hases will never have ' or "

The manual entry for mysql_real_escape_string is pretty self explanatory, If you want some more advanced functions check out the user comments too.

Joe · Aug 14, 2006

ok ty bay and Scott

some very helpful advice
*reads comments*

Joe

Sql security

More options

Joe

VIP Member

Scott

Senior MemberVIP Member

bay

New Member

Joe

VIP Member

Similar threads

We're social

New posts ➔

Auction activity ➔

How do you think a potential buyer first checks if your domain is for sale?

Polls of interest ➔

Hot this week ➔

Community favorite ➔

Hot this month ➔

Blog favorites

TravelInsurance.net

onixel.com

Trainsition.com

MyMerchantService.com

SalonToken.com

creepyhousesforsale.com

SilverDX.com

EliteRight.com

CIHQ.COM

BTCCapitalFund.co

Pinned

Appreciation

Agreement

Answers

Relevance

Reaction

Status

Feeling