Hi All,

Can anybody give me some good pointers on cause, effect and workarounds for injection attacks please?

Id really like to know actual commands that people use, where they use them and how to stop them.

Answers on a postcard...............:-)

To prevent mySQL Injections, we have 2 predefined functions they are

mysql_real_escape_string() - Takes String + connection handler and escapes the string based on the current character set

mysql_escape_string() - Takes String, will not connection handler and will not escapes the string according to the current character set.

I think you understood which one we need to use.

If you want more details, follow the link

ok thats great information, thank you

how exactly do you attack? so i can test for myself?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.