1. Home
2. Questions
3. AI Assist
4. Tags
6. Challenges
7. Chat
8. Articles
9. Users
11. Jobs
12. Companies
13. Collectives
14. Communities for your favorite technologies. Explore all Collectives
Stack Internal

Stack Overflow for Teams is now called Stack Internal. Bring the best of human thought and AI automation together at your work.
Try for free Learn more
Stack Internal
Bring the best of human thought and AI automation together at your work. Learn more

Timeline for answer to mysql_real_escape_string not working? by Ben

5 events

when toggle format	what		by	license	comment
Aug 27, 2012 at 15:28	vote	accept	Cory
Nov 4, 2010 at 18:49	vote	accept	Cory
Sep 20, 2011 at 1:53
Nov 4, 2010 at 18:41	comment	added	mario		`strip_tags` is sufficient unless you put strings in attributes. And `htmlentities` is only 'safe' if used with `ENT_QUOTES`.
Nov 4, 2010 at 18:38	comment	added	Pekka		+1 however, only `htmlentities()` provides full security against XSS attacks, `strip_tags()` alone won't cut it
Nov 4, 2010 at 18:37	history	answered	Ben	CC BY-SA 2.5