Hi
When thinking about security it is best to use ' around number input from a webuser in
the WHERE part of my query. But does is this query run slower than a query without '
around numbers? How does this work?
I want to protect my system from user input such as comment, AND operator, and OR
operator. Is the best way to include ' in queries, or should I precheck the number to
verify that they really are number?
- Fredrik
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
