Comments on: SQL Injection Safe Queries Redux http://programanddesign.com/php/sql-injection-safe-queries-redux/ Tips, tricks, tutorials, and tools on programming & web design Tue, 08 May 2012 14:53:37 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Mark http://programanddesign.com/php/sql-injection-safe-queries-redux/comment-page-1/#comment-225 Mark Fri, 03 Jul 2009 22:43:30 +0000 http://programanddesign.com/?p=258#comment-225 This assumes you're already connected to a database. Unless you have multiple connections open, you shouldn't need the link identifier should you? In any case, it's not hard to add :) I've never had any problems with it, but I've only tested it on a few servers. If all else fails, <a href="http://ca.php.net/manual/en/function.addslashes.php" rel="nofollow">addslashes</a> might do the trick. This assumes you’re already connected to a database. Unless you have multiple connections open, you shouldn’t need the link identifier should you? In any case, it’s not hard to add :) I’ve never had any problems with it, but I’ve only tested it on a few servers. If all else fails, addslashes might do the trick.

]]> By: bucabay http://programanddesign.com/php/sql-injection-safe-queries-redux/comment-page-1/#comment-223 bucabay Fri, 03 Jul 2009 14:22:11 +0000 http://programanddesign.com/?p=258#comment-223 Nice. Only hitch is that mysql_real_escape_string() really needs the mysql resource as the second parameter. In some conditions, it seems to return an empty string if the db resource is not present. I've seen this just a few times on different setups, and I'm not sure what the common factor is. Seems to be happening more just lately. Nice.

Only hitch is that mysql_real_escape_string() really needs the mysql resource as the second parameter. In some conditions, it seems to return an empty string if the db resource is not present.

I’ve seen this just a few times on different setups, and I’m not sure what the common factor is. Seems to be happening more just lately.

]]>