scienziato-pazzo Posted April 10, 2013 Share Posted April 10, 2013 Hi, I use the dbQuery instruction to use queries. But how to use the old mysql_real_escape_string to protect the query from MySQL Injection? Link to comment
MIKI785 Posted April 10, 2013 Share Posted April 10, 2013 I don't know about that but try using string.gsub, it's the simplest solution, at least I think so. Link to comment
csiguusz Posted April 10, 2013 Share Posted April 10, 2013 Just read the wiki about dbQuery. String parameters are automatically quoted and escaped as required. Link to comment
scienziato-pazzo Posted April 11, 2013 Author Share Posted April 11, 2013 Thanks csiguusz. Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now