Bobby_S
12-14-2003, 09:55 AM
Llo
which is the best/safest way to build a newsletter?
Put input (=email address) in my MySQL db?
Thanks
which is the best/safest way to build a newsletter?
Put input (=email address) in my MySQL db?
Thanks
Click to See Complete Forum and Search --> : build a newsletter
pyro
12-14-2003, 10:10 AM
I'm assuming you are asking about security, rather than actually HOW to do it, so I'd recommend passing the input into the database through stripslashes() (http://us4.php.net/manual/en/function.stripslashes.php) (so they can not execute DB commands) and htmlspecialchars() (http://us4.php.net/manual/en/function.htmlspecialchars.php) (for when the data is read out of the DB and printed on the page).
Bobby_S
12-14-2003, 01:53 PM
Originally posted by pyro
stripslashes (so they can not execute DB commands)
What do you meen with this?
I've taken a look at the php site but can't see the use of it.
Soory for asking, but I'm new to this.
Is it for cleaning the input so crackers can't harm my DB.
I don't know much about DB security. :rolleyes:
stripslashes (so they can not execute DB commands)
What do you meen with this?
I've taken a look at the php site but can't see the use of it.
Soory for asking, but I'm new to this.
Is it for cleaning the input so crackers can't harm my DB.
I don't know much about DB security. :rolleyes:
pyro
12-14-2003, 03:36 PM
That is because most servers have magic_quotes_gpc (http://us3.php.net/manual/en/ref.info.php#ini.magic-quotes-gpc) turned on. The htmlspecialchars is doing most of the work... And yes, it is to disallow potential hackers from using ' and " which could be security concerns.
webdeveloper.com
Copyright Internet.com Inc., All Rights Reserved.
Copyright Internet.com Inc., All Rights Reserved.