Drop down ranges to text box ranges how to keep secure

Discussion in 'PHP' started by mnymkr, Jul 14, 2008.

0
  1. #1
    I am changing a form that uses values in two drop down form fields to enter a numeric range into a database

    I want to change it so that the user cna enter two values into text fields instead

    what do I need to do to these vaules before i put them in my sql query
     
    mnymkr, Jul 14, 2008 IP
  2. blueparukia

    blueparukia Well-Known Member

    Messages:
    1,564
    Likes Received:
    71
    Best Answers:
    7
    Trophy Points:
    160
    #2
    Sanitise the variable for MySQL:

    
$var = mysql_real_escape_string($_POST["textbox"]);
    PHP:
    Or MySQLi:
    
$var = mysqli_real_escape_string($_POST["textbox"]);
    PHP:
    Then just use that variable in the query.
     
    blueparukia, Jul 14, 2008 IP