What characters should I block from my variables? Right now I'm blocking: <>{}" '
Are there more characters I should block?
Possibly "--", as that begins SQL comments.
Still, I think the main worry is the single quote; as long as that is safely escaped, most SQL injection attempts should fail.
Originally posted by laserlight: Possibly "--", as that begins SQL comments. Still, I think the main worry is the single quote; as long as that is safely escaped, most SQL injection attempts should fail.
Thanks for the fast reply. I do agree with you, Laserlight. Just need some more OKs with it and I'll call this thread done.
If there are more, do tell. Looking to make my variables as secure as possible before I begin work on something else. 🙂 🙂
The ; as that's used to separate SQL statements.
Originally posted by drawmack: The ; as that's used to separate SQL statements.
Didn't even think about that one.
EDIT: Well, after doing some searching I haven't found any others, so I'm going to call this thread resolved.
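
An added example, not part of the original thread: the characters listed above are passed as bound parameters instead of being blocked, so each one is stored as plain data, while the block list rejects a legitimate value such as O'Brien. The thread names no language or database; Python's sqlite3 module, the `users` table and the sample values are assumptions.

```python
import sqlite3

# Tokens the thread proposes blocking: <>{}" ' plus "--" and ";".
BLOCKED = ["<", ">", "{", "}", '"', "'", "--", ";"]

# Constructed sample values; none is taken from the thread.
SAMPLES = ["alice", "O'Brien", "a; b -- c", 'say "hi" <now>']


def passes_blocklist(value):
    """True when the value contains none of the blocked tokens."""
    return not any(token in value for token in BLOCKED)


def make_db():
    """In-memory database with one hypothetical table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    return conn


def add_user(conn, name):
    # The value travels as a bound parameter, separate from the SQL text,
    # so quotes, semicolons and comment markers are stored as plain data.
    conn.execute("INSERT INTO users (name) VALUES (?)", (name,))


def find_user(conn, name):
    rows = conn.execute("SELECT name FROM users WHERE name = ?", (name,))
    return [row[0] for row in rows]


def run_demo():
    """Return {value: (passes_blocklist, stored_intact)} and the table list."""
    conn = make_db()
    report = {}
    for value in SAMPLES:
        add_user(conn, value)
        report[value] = (passes_blocklist(value), find_user(conn, value) == [value])
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table'")]
    return report, tables


if __name__ == "__main__":
    report, tables = run_demo()
    for value, (allowed, intact) in report.items():
        print(f"{value!r}: blocklist allows={allowed}, stored intact={intact}")
    print("tables:", tables)
```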