Saving usernames with '(' or ')' in mysql

Linear Mode

Johnson_boy
Huge Clucker

Posts: 215
Threads: 25
Joined: Mar 2011
Reputation: 0

01.08.2012, 09:40

That's called mysql injection. You should always escape any user input.

A mean player could join with name '); TRUNCATE TABLE `players`, and it would delete all your users.

So take a look at function mysql_real_escape_string

Find

« Next Oldest | Next Newest »

Messages In This Thread

Saving usernames with '(' or ')' in mysql - by DeathTone - 01.08.2012, 06:12

Re: Saving usernames with '(' or ')' in mysql - by DeathTone - 01.08.2012, 06:28

Re: Saving usernames with '(' or ')' in mysql - by Johnson_boy - 01.08.2012, 09:40

View a Printable Version

Forum Jump:

Users browsing this thread: 1 Guest(s)

Login
Username:
Password:	Lost Password?
	Remember me