PHPBuilder.com, the best resource for PHP tutorials, templates, PHP manuals, content management systems, scripts, classes and more.

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Hiermenus
DatabaseJournal
Technology Jobs

IT
Developer
Internet News
Small Business
Personal Technology

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Covalent Extends Apache 2.0 to Microsoft ASP.NET
ShopWorX - Support for Windows
PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1
Network Risk Assessment
Full-Featured, Java-Based Apache GUI

Partners & Affiliates

Templates - why and how to use them in PHP3
Strings & Text in PHP - The ABCs of PHP Part 5
Using PHP and XML with Apache Cocoon
Native Language Support
In Case You Missed It...The Week of July 18, 2005

Sr. Web Developer
mediabistro.com
US-NY-New York

Post A Job | Post A Resume

Comments for: ProPHPSecurity_excerpt

Message # 1510003:

Date: 05/20/07 07:10
By: Demon
Subject: Just a question

you say this and you say that and i say what you typed there is common sence.
my question is simple.
lets say you have a select * from query goin to the database to fetch data or save data or what eve dont really care what it does.
a user can input text with in the text box to gain data or save data with in the database.
now strpos works kinda on stopping most attachs like html bs but when you use strpos to stop the select * from it wont work.
so a user can input tat into a box and gain info back.
question is how do you prevent a user from typing any thing that deals with the database querys.
dont say you cant cause i am sure you can i just need to know how.

Previous Message | Next Message

Comments:

Just a question

Demon

05/20/07 07:10

If you are looking for help, please post on the appropriate forum here. Your questions will be answered much more quickly.

Comments for: ProPHPSecurity_excerpt

Add A Comment: