http://snipplr.com/users/engel/tags/injection Recent snippets posted on Snipplr.com en-us Thu, 16 Feb 2012 03:31:17 GMT http://snipplr.com/view/4205/prevent-sql-injection/ Pass a user-inputted variable to this function in order to prevent SQL injection. Example: mysql_query("INSERT INTO table VALUES('" . sql_sanitize($_POST["variable") . "')"); Instead of: mysql_query("INSERT INTO table VALUES('" . $_POST["variable"] . "'");

]]> Wed, 28 Nov 2007 09:25:01 GMT http://snipplr.com/view/4205/prevent-sql-injection/