Injection problems

Advanced PHP 2024-11-28
   40    






  • • Never rely on the value of magic_quotes_gpc
  • • Escape SQL query variables with the native database functions when available
  • • Use AddSlashes() when no better alternative exists
  • • Escape shell commands with EscapeShellArg() and EscapeShellCmd()