Anti-sql injection function

[Michael Evans]

i think it is interesting, and users could learn from this and see that there is never a quick fix to any issue its also a good read :P just my opinion tho

[Spudinski]

i think it is interesting, and users could learn from this and see that there is never a quick fix to any issue its also a good read :P just my opinion tho

This in particular is a quick fix.

[Aventro]

The only correct way to secure sql statements in php is to use prepared statements in my opinion. It's the best approach.

[Paul Evans]

This in particular is a quick fix.

Yes this is a quick fix and a idiotic one but simply code up filters per input and stop being lazy.

[Michael Evans]

Lol i was been funny Ehhh did no one catch on to that lmfao :P quick fix = no fix simple i have seen these fail time and time again, just like norton site scanner makes me laugh like a girl site scanner more Like WHAT WE NEVER FOUND IT (they hate me at norton).


@SRB where did i say i use programs??? mmmmmm i don't think i did say i did but hey SRB you know best right i forgot your a guru/god (phahahahah) if you dont ike me find go cry at someone else coz you will never know me or what i can do coz your mind is too small to pm me and maybe get to know me :P

ill pm you something have a look yeah :P

[rulerofzu]

Well I am impressed you continuing a discussion on a thread started in 2007.

Not really I am being sarcastic. :P

The majority of us know this is a bad idea and you should write PHP with it secured not secure afterwards or try and come up with some all encompassing function that does it for you.

This topic should be locked with a final statement

Bad Idea.

[Aventro]

It should be locked with one or two alternative solutions as people may reference to this topic to learn about the case.

[runthis]

These examples are great, but I may want to add that if you are using a Dedicated Server or a VPS, you will be able to compile apache with mod_sec which will block most sql/xss injections.