scienziato-pazzo Posted April 10, 2013 Posted April 10, 2013 Hi, I use the dbQuery instruction to use queries. But how to use the old mysql_real_escape_string to protect the query from MySQL Injection?
MIKI785 Posted April 10, 2013 Posted April 10, 2013 I don't know about that but try using string.gsub, it's the simplest solution, at least I think so.
csiguusz Posted April 10, 2013 Posted April 10, 2013 Just read the wiki about dbQuery. String parameters are automatically quoted and escaped as required.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now