Is using trim() and strip_tags() for preventing sql injection is as okay as PDO or Prepaid Statement?
thre is another question on how to prevent sql injection. trim() and strip_tags() was not even discussed there.
I dont know from where people saying duplicate finding about trim() and strip_tags() in the former question answer!? Go read the answers and my question again
$username = strip_tags(trim($_POST["username"]));
$password = strip_tags(trim($_POST["password"]));
No comments:
Post a Comment