Hi folks, This time I'm in some trouble. Please help me in this issue. My site will have forms with number of text fields, I'll store the form data in MySQL database and later those data will be fetched and populated on web pages. Now, the forms are filled up by users, so I need to escape all unwanted characters while keeping the necessary ones intact. Suppose I get a field data in the form of $_POST. So far I was using combination of mysql_real_escape_string, htmlentities, striptags
Acunetix WVS scans your website for SQL injection vulnerabilities. SQL Injection is a type of hack attack which can be prevented with the use of a web vulnerability scanner. Download the FREE edition now!
x';
INSERT INTO members ('email','passwd','login_id','full_name')
VALUES ('steve@unixwiz.net','hello','steve','Steve Friedl');--';
Even if we have actually gotten our field and table names right, seve