I have been using PHP/MySQL for a while now. I want to sanitize all my superglobals at the start of the program, where I haven't connected to any database yet. Is there any other PHP-defined function to make variables SQL safe? And can anyone tell me why an active MySQL connection is required before using mysql_real_escape_string?
That isn’t the best idea. You should sanitise variables based on context. If you run all of the variables through mysql_real_escape_string(), you may find you have issues when you want to use a variable outside of a SQL context. You could use bound parameters with a library such as PDO.
I believe it is because the function needs to know the character set that the database is using so it can escape correctly.
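The two answers above make two points: escape per context (and prefer PDO bound parameters over escaping every superglobal up front), and escaping is charset-dependent, which is why the legacy function needs a live connection. The following is an added example illustrating both; it is not code from the question or the answers. The MySQL host, database, user and password are placeholders, the users table and the `$input` value are constructed for the demonstration, and the runnable part uses an in-memory SQLite database so it works offline with the same PDO calls.

```php
<?php
// Added example: context-aware handling of user input with PDO bound
// parameters instead of pre-escaping superglobals at request start.
// Connection details below are placeholders, not real credentials.

declare(strict_types=1);

// MySQL connection. The charset in the DSN is what makes PDO's quoting
// charset-aware (the point of the second answer); with emulated prepares
// turned off, bound values are sent to the server separately from the SQL
// text, so they are never spliced into the query string at all.
function connectMysql(): PDO
{
    $dsn = 'mysql:host=DB_HOST_PLACEHOLDER;dbname=DB_NAME_PLACEHOLDER;charset=utf8mb4';
    return new PDO($dsn, 'DB_USER_PLACEHOLDER', 'DB_PASSWORD_PLACEHOLDER', [
        PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES   => false,
        PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
    ]);
}

// Vulnerable form: the raw value is interpolated into the SQL string, so the
// input can change the structure of the query.
function findUserUnsafe(PDO $db, string $username): array
{
    $sql = "SELECT id, username FROM users WHERE username = '$username'";
    return $db->query($sql)->fetchAll();
}

// Hardened form: the SQL text is fixed and the value travels as a parameter.
function findUserSafe(PDO $db, string $username): array
{
    $stmt = $db->prepare('SELECT id, username FROM users WHERE username = :name');
    $stmt->execute([':name' => $username]);
    return $stmt->fetchAll();
}

// A different context needs a different escaper: the same raw value is
// HTML-escaped only where it is rendered, not when the request starts.
function renderUsername(string $username): string
{
    return htmlspecialchars($username, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Offline demonstration with an in-memory SQLite database (constructed data);
// the query functions are identical for the MySQL connection above.
$db = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
]);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)');
$db->exec("INSERT INTO users (username) VALUES ('alice'), ('bob')");

// Constructed sample input standing in for something like $_GET['user'].
$input = "' OR '1'='1";

printf("unsafe: %d row(s)\n", count(findUserUnsafe($db, $input)));  // every row: filter bypassed
printf("safe:   %d row(s)\n", count(findUserSafe($db, $input)));    // 0 rows: literal match only
echo renderUsername('<b>' . $input . '</b>'), "\n";                  // tags and quotes HTML-escaped
```

Keeping the raw value in the superglobal and escaping at the point of use is what lets the same input be used safely in SQL, HTML and anywhere else; a single up-front pass through one escaper would be wrong for every context but one.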