Ways I can protect my site excluding XSS and Sql injection?

前端 未结 6 1333
Happy的楠姐
Happy的楠姐 2021-02-10 00:38


So, members of my website can post topics, replies, comments, edit them and so on. I always use htmlspecialchars and addslashes for html inputs to

6条回答
  •  心在旅途
    2021-02-10 01:20

    A better approach to protect against SQL injection is to use the escape function specifically written for each database - for example, for PostGreSQL use pg_escape_string to escape string fields before inserting them in to the database. Or in your case, use mysql_real_escape_string.

提交回复
热议问题