Sanitizing mysql inserts of user data

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I am sanitizing user-entered data before storing in mysql with this function:

function clean_mysql ($dirty) {
    $dirty=trim($dirty);
    $dirty=str_replace ("--", "", $dirty);
    $dirty=str_replace (";", "", $dirty);
    $clean=mysql_real_escape_string($dirty);
    return $clean;
}

Is this good enough to prevent SQL injection attacks? Should I add
anything else? Thanks!

Dotan Cohen

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux