PHP add slashes to SQL string to prevent SQL injection attack

Script version:1.0
Language:PHP
Rating:
10 (1 votes cast)
Category:Database
Description:This function adds slashes to user generated strings to prevent SQL injection attacks. An SQL injection attack involves adding apostrophes to a an SQL string in order to add extra SQL code on the end to overwrite data in a database or to access parts of the database which you should not have access to.
Instructions:the get_magic_quotes_gpc setting automatically adds slashes to all post, get and cookie data, so you do not have to use the addslashes() method if this setting is turned on. By default, the get_magic_quotes_gpc setting should be 'on', but you cannot guarentee that all target platforms will have this feature turned on, so use the
if (!get_magic_quotes_gpc) {}
line of code to detect this.
Code:




Comments

Name: *
Email: (not shown on website)
Website:
Rate this script:
1 2 3 4 5 6 7 8 9 10
worse better
Comment: *
CAPTCHA Image
Change Image
Write the characters in the image above


* = required field

Related Scripts:

PHP connect to MS access database using DSNless connection ODBC

PHP connect to Microsoft SQL server

Tags

No tags defined for this script. [View tag cloud]

Back to main scripts page








Tag Cloud    Submit a script


Latest Scripts Added

jQuery image swap on mouseover (jQuery)
04 January 2012
This simple bit of code allows you to quickly create image rollovers. The code was modified from a version by Sam Colletts on http://webdevel.blogspot.com/2008/04/rollover-images-with-jquery.html ...

replace XML characters in a string using ASP.Net (ASP.Net)
12 December 2011
Sometimes you need to insert a string into an xml document. Before doing this, you need to ensure that your string does not contain any special xml characters. It is possible to use a CDATA section ...

How to remove title tag in ASP.Net (ASP.Net)
14 October 2011
This is not really a script, but a little trick that you can use to remove the title tag in ASP.net. In ASP.net, when the head tag is rendered, the title tag is automatically added. One of the real ...

ASP sort numerical array (ASP)
12 September 2011
This code is similar to the sort array script which sorts an array alphabetical, however it also sorts arrays based on numberical ordering, for example: dim numbers(4) numbers(0) = ...

Force file download in ASP.Net / c# (ASP.Net)
02 September 2011
this script allows you to force browsers to display a file save dialogue for any file type. It contains a string of allowed file types so users cannot change the querystring to downoad your ...