[thelist] Form Security
Nan Harbison
nan at nanharbison.com
Thu Jul 15 16:31:34 CDT 2010
I use a little function for all the post variables:
while(list($key, $value) = each($_POST))
{
$value = trim($value);
$value = mysql_real_escape_string($value);
}
Maybe I should be doing the strip tags and slashes too...hmm
Nan
-----Original Message-----
>
> Hi there,
>
> I am working on my employer's site. I have a search engine and Contact
> form. I have taken all the steps that I am aware of to tighten the
security
> such as using :
>
> $name =
>
mysql_real_escape_string(strip_tags(stripslashes(htmlentities(trim($_POST['n
ame'])))));
>
More information about the thelist
mailing list