A user on my website can submit multiple links under their profile, what is the best way to ensure and protect against any injections. is mysql_escape_string() good enough?
Asked
Active
Viewed 15 times
1
Victori
- 339
- 2
- 5
- 17
-
*"is mysql_escape_string() good enough?"* - and I'll tell you why *in a minute...* – Funk Forty Niner Jan 04 '18 at 02:17
-
...right here https://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string read that. A: Use a prepared statement. – Funk Forty Niner Jan 04 '18 at 02:18
-
What else could I use with that to ensure the best security? – Victori Jan 04 '18 at 02:19
-
I edited my 2nd comment to answer your question (even before you asked) *lol* – Funk Forty Niner Jan 04 '18 at 02:19
-
im using laravel is there a way to go around it in that? – Victori Jan 04 '18 at 02:20
-
you will need to consult their documentation. I believe it uses different methods and is out of the scope of the original question. – Funk Forty Niner Jan 04 '18 at 02:22