Sanitizing MySQL user parameters.

Posted by Tom on Stack Overflow See other posts from Stack Overflow or by Tom
Published on 2008-10-23T14:17:00Z Indexed on 2010/06/15 17:52 UTC
Read the original article Hit count: 273

Filed under:
|
|

What are the dangerous characters that should be replaced in user input when the users' input will be inserted in a MySQL query? I know about quotes, double quotes, \r and \n. Are there others?
(I don't have the option of using a smart connector that accepts parameters so I have to build the query myself and this will be implemented in multiple programming languages, including some obscure ones so solutions such as mysql_real_escape_string in PHP are not valid)

© Stack Overflow or respective owner

Related posts about mysql

Related posts about sanitization