Re: Secure Coding
As far as MySQL is concerned, you don't need parameterised queries to be safe, you just need to make sure that if the data is a number then it's really numeric (use something like intval(x) to clean it) - and if it's text, make sure it's escaped (the MySQL/PHP interface has a built-in function to do this).
__________________
Baby, I was born this way.
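
The two cleaning rules from the post above, shown next to a parameterised query, as an added example that is not part of the original post. Python's sqlite3 stands in for MySQL so it runs offline; `to_int` and `escape_text` are hypothetical stand-ins for intval() and the MySQL/PHP escape function, and the table and inputs are constructed.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data; in-memory SQLite is an assumption standing in for MySQL.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [(1, "alice"), (2, "o'brien"), (3, "carol")])
    return db

def to_int(value):
    # Hypothetical stand-in for PHP intval(): leading integer, otherwise 0.
    m = re.match(r"\s*([+-]?[0-9]+)", str(value))
    return int(m.group(1)) if m else 0

def escape_text(value):
    # Simplified stand-in for the driver's escape function: SQLite's rule is
    # to double single quotes. It only protects data placed INSIDE quotes.
    return str(value).replace("'", "''")

def by_id_escaped_only(db, raw_id):
    # Weak form: escaping applied to a value used in an unquoted numeric slot.
    sql = "SELECT name FROM users WHERE id = " + escape_text(raw_id)
    return [row[0] for row in db.execute(sql)]

def by_id_coerced(db, raw_id):
    # Numeric rule: coerce to an integer before it reaches the SQL text.
    sql = "SELECT name FROM users WHERE id = %d" % to_int(raw_id)
    return [row[0] for row in db.execute(sql)]

def by_name_escaped(db, raw_name):
    # Text rule: escape AND wrap in quotes.
    sql = "SELECT id FROM users WHERE name = '%s'" % escape_text(raw_name)
    return [row[0] for row in db.execute(sql)]

def by_name_param(db, raw_name):
    # Parameterised form: the driver keeps data separate from the SQL text.
    return [row[0] for row in
            db.execute("SELECT id FROM users WHERE name = ?", (raw_name,))]

if __name__ == "__main__":
    db = make_db()
    hostile_id, hostile_name = "1 OR 1=1", "x' OR '1'='1"  # constructed inputs
    print("escaped only :", by_id_escaped_only(db, hostile_id))
    print("coerced      :", by_id_coerced(db, hostile_id))
    print("escaped text :", by_name_escaped(db, hostile_name))
    print("parameterised:", by_name_param(db, hostile_name))
```

The escaped-only lookup returns every row because the value was never inside quotes; the coerced, quoted-and-escaped, and parameterised lookups treat the same input as plain data.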