Log in or Sign up

Explain SQL injection

Discussion in 'PHP' started by vic_msn, Nov 23, 2006.

Page 2 of 2

T0PS3O Feel Good PLC

Messages:

13,219

Likes Received:

777

Best Answers:

0

Trophy Points:

0

#21

Do both. JavaScript AND server side input validation and sanitizing.

T0PS3O, Nov 30, 2006 IP
drewbe121212 Well-Known Member

Messages:

733

Likes Received:

20

Best Answers:

0

Trophy Points:

125

#22

vic_msn said: ↑

also to protect yourself please avoid doing javascript validation
as the visitor will be able to view the source and can change it according to his input or perform some form of tricks. so use only complete php validation as the php source is no visible directly to the hacker.
Click to expand...

Great Advice!

Javascript can also be turned off globally by the browser, thus would completely bypass the javascript validation.

If you want to use javascript validation use it as a pre-server-side validator, but make sure EVERYTHING is also checked on the server side as well.

drewbe121212, Dec 2, 2006 IP

(You must log in or sign up to reply here.)

Page 2 of 2