Anti-SQL Injection. 99% Safe! (recommended)



Anti-SQL Injection. 99% Safe! (recommended)

Hi, with this php function you can stop 99% from SQL injections on your php register page.
From today you are safe! Trust me. I recommend you to use this function…

function [b]madSafety/b {
$string = stripslashes($string);
$string = strip_tags($string);
$string = mysql_real_escape_string($string);
return $string;

Have fun! :wink:


You might also want to look into using prepared statements and PHP’s built-in PDOs. It’s much easier, but might be overkill for very simple projects. This page notes that:


Yes, with PDOs is more good but this solution for simple website is enough i think :wink:


This is not an appropriate solution. Please don’t do this.

(Among other issues, it’ll prevent you from inserting HTML or XML data into your database.)