I am doing the following to protect subbmited data against sql attacks $myusername =

Question

0

Asked: June 1, 20262026-06-01T16:49:49+00:00 2026-06-01T16:49:49+00:00

I am doing the following to protect subbmited data against sql attacks $myusername =

0

I am doing the following to protect subbmited data against sql attacks

$myusername = stripslashes($myusername);
$myusername = mysql_real_escape_string($myusername);
$mypassword = stripslashes($mypassword);
$mypassword = mysql_real_escape_string($mypassword);
$confirm_password = stripslashes($confirm_password);
$confirm_password = mysql_real_escape_string($confirm_password);
$fullname = stripslashes($fullname);
$fullname = mysql_real_escape_string($fullname);

Is there an easier way of doing this? This is a registration form and i have numerous fields to protect.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-01T16:49:50+00:00

Is there an easier way of doing this?

Yes, first of all, disable automatic slashes, so you don’t need to strip them. That will reduce the code already:

$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$confirm_password = mysql_real_escape_string($confirm_password);
$fullname = mysql_real_escape_string($fullname);

If you then use so called parametrized queries, you don’t need to even call mysql_real_escape_string any longer as well but you can just safely use the variables.

Take note that you’re using the unsafe variant of mysql_real_escape_string because you don’t provide the database link to it.

See as well: Best way to stop SQL Injection in PHP.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am doing the following to protect subbmited data against sql attacks $myusername =

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply