Sanitizing MySQL user parameters.
Posted
by Tom
on Stack Overflow
See other posts from Stack Overflow
or by Tom
Published on 2008-10-23T14:17:00Z
Indexed on
2010/06/15
17:52 UTC
Read the original article
Hit count: 273
What are the dangerous characters that should be replaced in user input when the users' input will be inserted in a MySQL query? I know about quotes, double quotes, \r and \n. Are there others?
(I don't have the option of using a smart connector that accepts parameters so I have to build the query myself and this will be implemented in multiple programming languages, including some obscure ones so solutions such as mysql_real_escape_string
in PHP are not valid)
© Stack Overflow or respective owner