Re: Preventing SQL Injection/ Cross Site Scripting

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 21/04/07, tedd <tedd@xxxxxxxxxxxx> wrote:
At 4:08 AM +0300 4/21/07, Dotan Cohen wrote:
>I've got a comments form that I'd like to harden against SQL Injection
>/ XSS attacks. The data is stored in UTF-8 in a mysql database. I
>currently parse the data as such:

I highly recommend "Essential PHP Security" by Chris Shiflett -- he
covers those issues and more in detail.

It's well worth the cost and you can get it used for as little $12.81.


Thanks, I see it used on Amazon for $12.81 in like new condition, with
another $10 to ship it. I might just do that as I cannot get those
books locally.

Dotan Cohen

http://what-is-what.com/what_is/blog.html
http://ultu.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux