Log in or Sign up

Advertising
y u no do it?

Advertising (learn more)
Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

Starts at just $1 per CPM or $0.10 per CPC.

Explain SQL injection

Discussion in 'PHP' started by vic_msn, Nov 23, 2006.

Page 2 of 2

T0PS3O Feel Good PLC

Messages:

13,219

Likes Received:

777

Best Answers:

0

Trophy Points:

0

#21

Do both. JavaScript AND server side input validation and sanitizing.

T0PS3O, Nov 30, 2006 IP
drewbe121212 Well-Known Member

Messages:

733

Likes Received:

20

Best Answers:

0

Trophy Points:

125

#22

vic_msn said: ↑

also to protect yourself please avoid doing javascript validation
as the visitor will be able to view the source and can change it according to his input or perform some form of tricks. so use only complete php validation as the php source is no visible directly to the hacker.
Click to expand...

Great Advice!

Javascript can also be turned off globally by the browser, thus would completely bypass the javascript validation.

If you want to use javascript validation use it as a pre-server-side validator, but make sure EVERYTHING is also checked on the server side as well.

drewbe121212, Dec 2, 2006 IP

(You must log in or sign up to reply here.)

Page 2 of 2