SQL injection attack

warning: Creating default object from empty value in /home/coredogs/public_html/modules/taxonomy/taxonomy.pages.inc on line 33.

Adding data


  • There are two pages for adding a record: one page with a form the user fills in, and another page that adds the user’s data to the database.
  • The SQL INSERT statement does the work.
  • Use stripslashes() to remove backslashes that PHP adds to form data.
  • Use $db->escape_string() to foil SQL injection attacks.


How to...