Защита от инъекций

Home » PHP » Защита от инъекций
PHP Комментариев нет
http://stackoverflow.com/questions/7043303/php-mysql-injection-protection mysql_real_escape_string($str) // string value for mysql query mysql_real_escape_string(addcslashes($str, "%_")) // like expression for mysql query htmlspecialchars($str) // html code json_encode() // json. only utf8 mysql_real_escape_string(addcslashes($str, '^.[]$()|*+?{}')) // mysql regular expression - you cannot use preg_quote in this case because backslash would be escaped two times! preg_quote() //php regular expression