[thelist] Form Security
Jack Timmons
codeacula at codeacula.com
Tue Jul 20 15:38:18 CDT 2010
On Tue, Jul 20, 2010 at 3:30 PM, DAVOUD TOHIDY <dtohidy at hotmail.com> wrote:
> if (get_magic_quotes_gpc()) {
> $name = stripslashes($_POST['name']);
> }
> $name = mysql_real_escape_string(strip_tags(htmlentities(trim($name))));
On Tue, Jul 20, 2010 at 8:42 AM, Jack Timmons <codeacula at codeacula.com> wrote:
> Then, you're running stripslashes, which...well, if you read the
> documentation on stripslashes in PHP, you'd understand what you need
> to do to see if you should run stripslashes.
That would be a good start. Make sure you, as suggested, go over the
documentation and see why, the examples, etc.
--
Jack Timmons
@_Codeacula
More information about the thelist
mailing list