SQL Injection, prevent
Oct 27 2007, 09:09 AM
Post #1
Newbie, Group: Member, Posts: 3, Joined: Oct 2007, Member No: 584,164
Hello,
I'm not too experienced with PHP, more of a C++ person. I was wondering if the code I've developed here is sufficient enough to prevent SQL injections?

```php
public function verify(Creg $reg)
{
    $reg->Username = strtolower(strip_tags(stripslashes(trim($reg->Username))));

    //validate characters
    if(preg_match("/^[a-z0-9]{1}[a-z0-9_-]{1,19}$/",$reg->Username))
    {
        //db query, reject username, or validate and move on
    }
    else
    {
        $this->Error[] = '-Invalid characters, or username too short.<br />';
    }
    #continue...
}
```
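An added example, not part of the original post: the same allow-list check with the "db query" step done through a PDO prepared statement, so the query's safety does not rest on the regex alone. The function name `usernameStatus`, the `users` table and the in-memory SQLite database are assumptions made for illustration.

```php
<?php
// Added illustration; function, table and column names are assumptions.

/**
 * Returns 'invalid', 'taken' or 'available' for a requested username.
 */
function usernameStatus(PDO $db, string $raw): string
{
    // strip_tags/stripslashes from the post are omitted here: the
    // allow-list below rejects tag and slash characters anyway.
    $name = strtolower(trim($raw));

    // Allow-list from the post: 2-20 chars, first one alphanumeric.
    // \z anchors at the very end of the string ($ would also accept
    // a trailing newline).
    if (!preg_match('/^[a-z0-9][a-z0-9_-]{1,19}\z/', $name)) {
        return 'invalid';
    }

    // The value is bound as data, never concatenated into the SQL text,
    // so the query stays safe even if the pattern is later relaxed.
    $stmt = $db->prepare('SELECT 1 FROM users WHERE username = :u');
    $stmt->execute([':u' => $name]);

    return $stmt->fetchColumn() === false ? 'available' : 'taken';
}

// Constructed demo data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY)');
$db->exec("INSERT INTO users (username) VALUES ('alice')");

// Constructed inputs: existing name, new name, quote-laden string, too short.
$samples = ['Alice', 'bob_42', "x' OR '1'='1", 'a'];
foreach ($samples as $s) {
    printf("%-16s => %s\n", json_encode($s), usernameStatus($db, $s));
}
```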