Im working on a site utilizing apaches/mysqp and of course php. Im
working through the basic framwork creating forms to collect user input
and do various searches etc. I was curious as to what most people find
the best way keep thier mysql queries from getting messed up by user
entered
I use a special function just for reforming input, but they use the
following bits with PCRE:
$replace_wordwhite = '/[^\w\s]/';
$replace_word = '/\W/';
$replace_num = '/\D/';
$replace_email = '/[^\w\-\.@]/';
Works pretty well and it's quite useful for killing useless input without
2 matches
Mail list logo