heroic
08-03-2007, 03:40 AM
Well, just realized that most of the PHP newbies don't know about mysql injection attack, or ways to counter it...
so here is some infomation and code to help you all...
MySQL injection attacks are done by pasting mysql code in forms and then hacking the owners mysql...
there is a simple way to prevent this....
just make a file called heroic_mia.php (just an example)
<?
if(is_array($_POST))
{
foreach($_POST as $i=>$v)
$_POST[$i]=mysql_escape_string($v);
}
?>
save this file, and include it in every mysql based script that u make...
so here is some infomation and code to help you all...
MySQL injection attacks are done by pasting mysql code in forms and then hacking the owners mysql...
there is a simple way to prevent this....
just make a file called heroic_mia.php (just an example)
<?
if(is_array($_POST))
{
foreach($_POST as $i=>$v)
$_POST[$i]=mysql_escape_string($v);
}
?>
save this file, and include it in every mysql based script that u make...