Jake Posted July 13, 2007 Share Posted July 13, 2007 On a new game engine i am developing, i want HTML to be enabled within a profile signature (easy enough), but will this not lead to easy SQL injection attacks? How can i prevent against this? Or is it not a problem? Quote Link to comment Share on other sites More sharing options...
oxidati0n Posted August 4, 2007 Share Posted August 4, 2007 Re: HTML allowed, preventing SQL Injection Well basicly add this in some of your codes foreach($_REQUEST as $k=>$v) { $_REQUEST[$k]=mysql_real_escape_string($v); } That should do it.. :lol: Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.