shanejones Posted December 21, 2010 Share Posted December 21, 2010 Ok so I have these 2 functions set up to secure some things make_safe() is used before putting anything in the database. the make_viewable() function is used to display the data that was made safe. function make_safe($string) { // used before adding to db return addslashes($string); } function make_viewable($string) { // used before displaying anywhere return stripslashes($string); } is this enough or is there anything else to make this secure. Thanks Shane Quote Link to comment Share on other sites More sharing options...
johnny86 Posted December 21, 2010 Share Posted December 21, 2010 Depends on what kind of data you have in your database and where it is coming from. And also how you want to show it. Can you be a little more specific on what you are storing and where/who provides it and how you will be showing your data? Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted December 21, 2010 Share Posted December 21, 2010 for input, if magic quotes is turned on, you'll want to stripslashes() on the input, not add them. then use mysql_real_escape_string() to prepare the value for insertion into the database. for output, you should not be storing extra slashes in your data, so stripslashes() would be incorrect as that would remove slashes that should actually be there. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.