I was just wondering if this script protected against searches containing sql injection.
Thanks.
Hi,
Everywhere an SQL statement is constructed from form input the mysql_escape_string() function is used (within the database_safe() function) to protect against not only SQL injection but also any form input that could possibly break the SQL.
Cheers, David.
©2006-2025 IAAI Software | Contact Us | Privacy Policy
Hi,
Everywhere an SQL statement is constructed from form input the mysql_escape_string() function is used (within the database_safe() function) to protect against not only SQL injection but also any form input that could possibly break the SQL.
Cheers,
David.