Mudsaf Posted August 27, 2013 Share Posted August 27, 2013 Hello, i'm wondering do i need to escape $_SERVER['REMOTE_ADDR'] when selecting from MySQL database (Prevent SQL injections)? So can client modify his ip-address to attack the server? Link to comment Share on other sites More sharing options...
justsomeguy Posted August 27, 2013 Share Posted August 27, 2013 I don't think that the IP address field in a TCP header can be arbitrary text. Link to comment Share on other sites More sharing options...
Mudsaf Posted August 27, 2013 Author Share Posted August 27, 2013 Alright, thx Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now