Jump to content

Search the Community

Showing results for tags 'real_escape_string()'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • W3Schools
    • General
    • Suggestions
    • Critiques
  • HTML Forums
    • HTML/XHTML
    • CSS
  • Browser Scripting
    • JavaScript
    • VBScript
  • Server Scripting
    • Web Servers
    • Version Control
    • SQL
    • ASP
    • PHP
    • .NET
    • ColdFusion
    • Java/JSP/J2EE
    • CGI
  • XML Forums
    • XML
    • XSLT/XSL-FO
    • Schema
    • Web Services
  • Multimedia
    • Multimedia
    • FLASH

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Languages

Found 1 result

  1. iwato

    Sanitization of $_GET Superglobal

    BACKGROUND: It appears that there are few problems in web development that do not have multiple solutions. My problem is to decide which solution best suits my needs. I have a confirmation email that sends a name, hash, and email address via an HTTP REQUEST using the $_GET superglobal to a PHP file that matches the hash with an entry in a newsletter roster table. If the match succeeds the value of the status variable is changed from 0 to 1. Before the hash is sent to the roster table it is sanitized using the MySQLi real_escape_string( ) function. Elsewhere on my website I use the PHP filter_var( ) function with parameter values that vary with the nature of the data being sent. QUESTION ONE: In the above instance which PHP function would be more secure. And, why? QUESTION TWO: In general which function is preferred? And, why? Roddy
×