DaveChild said on 9/11/08

Thu, 11 Sep 2008 11:52:30 GMT

addslashes() is no good for preventing SQL injection - it is vulnerable to character encoding trickery.

ckester said on 5/15/08

Thu, 15 May 2008 12:20:34 GMT

Helpful code, though I would just place addslashes($text) on any input field. Then always have stripslashes($text) when you withdrawl that information, simple easy code since you'll have to do strip the slashes anyway

Comments on snippet: 'Prevent SQL Injection'

DaveChild said on 9/11/08

ckester said on 5/15/08