mdb2 and sql injection security

Codewalkers Forums Sponsor:

August 3rd, 2006, 12:42 PM

Anonymous

Registered User

Codewalkers God 35th Plane (22000 - 22499 posts)

Join Date: Apr 2007

Posts: 22,309

Time spent in forums: < 1 sec
Reputation Power: 24

mdb2 and sql injection security

Hi,
I'm curious if MDB2's methods are protecting our program from sql injection. It has an escape method but is it called whever I call the query or queryOne or _doQuery methods or whatever. Is it done in all the methods or should I call it myself?

I'm asking this because I was using some manual protection (yes very poor is that way and I want to change it.) and when I started to use mdb2, I saw that there were more then one "" in the db When I disabled my own escape function. Everything was fine. So Is it used by default or not?

Thank you for your time.

Viewing: Codewalkers Forums > PHP Related > PEAR Packages > mdb2 and sql injection security

« Previous Thread | Next Thread »

Thread Tools	Search this Thread
Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread:

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts vB code is On Smilies are On [IMG] code is On HTML code is Off

View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox

Forum Jump