Possible Duplicate: Best way to stop SQL Injection in PHP I would like to

Question

0

Editorial Team

Asked: May 26, 20262026-05-26T22:37:17+00:00 2026-05-26T22:37:17+00:00

Possible Duplicate: Best way to stop SQL Injection in PHP I would like to

0

Possible Duplicate:
Best way to stop SQL Injection in PHP

I would like to know which functions is best to use to prevent MySQL injections

There are plenny of functions I can use to prevent sql injections, such as:

mysql_real_escape_string
mysqli_real_escape_string
addslashes
casting values (intval etc…) for numbers
htmlentities with ENT_QUOTES
or simply remove the ' or "

I want to standardize my code using the best and faster anti-SQL-injections method and I would like to know which one should I use for high traffic sites.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-26T22:37:18+00:00

You shouldn’t use htmlentities for saving data to a database, addslashes isn’t 100% secured (some character sets can still make it vulnerable), using mysql_ or mysqli_ is dependent on the driver you’re using and not interchangable. Basically, its not a matter of speed or performance – the only right thing to do is using the escape function that comes with your driver (pdo::escape or mysql[I]_real_escape_string) for strings and casting integers/floats to their correct type.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Possible Duplicate: Best way to stop SQL Injection in PHP I would like to

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply