MySQL injection in latest version of MySQL and PHP? - Kahuki Webmaster Forum and Discussion Community

sumesh · #1 (**permalink**) 03-20-2006, 12:18 PM

I use MySQL version 5.0.18 and PHP version 5.1.1.
Do these products still contain MySQL injection risk? I have tried to write some SQL injection in the form, but it did work. So, does this mean I do not necessary to use function mysql_escape_string() for every form submitted by users?

mehtasa · #2 (**permalink**) 03-22-2006, 02:55 PM

MySQL injection is an inherint problem. But it is generally fixed w/ proper coding techniques. As a side note, and fyi it is very risky running the *newest* versions of both MySQL and PHP on a production machine.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
how to upload mySQL database to my webhost? At my machine, mySQL uses innodb engine, which is disabled on host	Schlase	PHP	2	05-25-2007 03:37 PM
How to Update MYSQL database table based on mysql query array?	blackfox	PHP	2	03-30-2007 02:11 AM
how to connect mysql using php 5?mysql is not activated by default...so error message is shown....what to do?	Jason M	PHP	2	03-15-2007 06:25 PM
MySQL & MySQL Server Removal Help Needed Please? I feel so dumb to be this damn smart!?	blackfox	PHP	1	11-26-2006 06:27 PM
Zulu Pad "PHP MYSQL program exactly like ZuluPad that you can put up on a web server and sync to MYSQL?	baggiho	PHP	1	10-10-2006 07:24 AM