PHP mysql injection protection

前端未结

关注

 6  1563

野性不改 2020-12-10 17:53

I have written this short function to protect against my_sql injection, because of its importance I just want to double check with other\'s that this will function as I inte

6条回答

感动是毒 (楼主)

2020-12-10 18:16

Tomas's suggestion is good, but you should always keep them both in mind, so this can be great:

if (get_magic_quotes_gpc()) { // Check if magic quotes are enabled
    foreach($_REQUEST as $key => $value) {          
       $_REQUEST[$key] = stripslashes($value);
       $_REQUEST[$key] = stripslashes($_REQUEST[$key])
    } 
} else {
    foreach($_REQUEST as $key => $value) {
      $_REQUEST[$key] = mysql_real_escape_string($value);
      $_REQUEST[$key] = mysql_real_escape_string($_REQUEST[$key]);
    } 
}

0 讨论(0)

查看其它6个回答