Sign Up

Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.

Sign In

Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.

Forgot Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

You must login to ask a question.

Please briefly explain why you feel this question should be reported.

Please briefly explain why you feel this answer should be reported.

Please briefly explain why you feel this user should be reported.

Search

Ask A Question

0

Editorial Team

Asked: May 21, 20262026-05-21T15:23:37+00:00 2026-05-21T15:23:37+00:00

I mainly want to prevent hacks that can be written via scripts through the

0

I mainly want to prevent hacks that can be written via scripts through the send message and chose username fields.

function protect($v) {
    $v = mysql_real_escape_string($v);
    $v = htmlentities($v, ENT_QUOTES);
    $v = stripslashes($v);
    $v = trim($v);

    return $v;
}

Are the above php functions enough? I don’t need something super high security, just enough to have done all the basics right.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team

2026-05-21T15:23:38+00:00Added an answer on May 21, 2026 at 3:23 pm

For basic security:

mysql_real_escape_string EVERYTHING when you do a SQL Query, htmlentities when you want to echo something from the database.

Example:

<?php
    $sql = " 
        SELECT 
            *
        FROM 
            table
        WHERE
            id = '". mysql_real_escape_string($_GET['id']) ."'
        LIMIT 1
    ";           // above this is the first security

    $mysql = mysql_query($sql);

    if($mysql){
        $result = mysql_fetch_assoc($mysql);

        echo htmlentities($result); // And here the second
    } 
?>

0

Reply
Share
Share

- Report