SQL inject

kaos

Does anyone know how to stop sql injections as i am creating a site from scratch and i need a safe way of stopping the injections can anyone please help me cheers

Linc

The first short-term band-aid I'd recommend is passing any text through mysql_real_escape_string() before putting it in a query. I recommend Googling PHP security and get reading; this isn't really a topic that you can cover in a forum post.

Is this a Vanilla-related site or a custom site you've made?

kaos

Custom site and thx