Deprecated: Assigning the return value of new by reference is deprecated in /home/datafake/public_html/blog/wp-settings.php on line 468

Deprecated: Assigning the return value of new by reference is deprecated in /home/datafake/public_html/blog/wp-settings.php on line 483

Deprecated: Assigning the return value of new by reference is deprecated in /home/datafake/public_html/blog/wp-settings.php on line 490

Deprecated: Assigning the return value of new by reference is deprecated in /home/datafake/public_html/blog/wp-settings.php on line 526

Strict Standards: Declaration of Walker_Page::start_lvl() should be compatible with Walker::start_lvl(&$output) in /home/datafake/public_html/blog/wp-includes/classes.php on line 594

Strict Standards: Declaration of Walker_Page::end_lvl() should be compatible with Walker::end_lvl(&$output) in /home/datafake/public_html/blog/wp-includes/classes.php on line 594

Strict Standards: Declaration of Walker_Page::start_el() should be compatible with Walker::start_el(&$output) in /home/datafake/public_html/blog/wp-includes/classes.php on line 594

Strict Standards: Declaration of Walker_Page::end_el() should be compatible with Walker::end_el(&$output) in /home/datafake/public_html/blog/wp-includes/classes.php on line 594

Strict Standards: Declaration of Walker_PageDropdown::start_el() should be compatible with Walker::start_el(&$output) in /home/datafake/public_html/blog/wp-includes/classes.php on line 611

Strict Standards: Declaration of Walker_Category::start_lvl() should be compatible with Walker::start_lvl(&$output) in /home/datafake/public_html/blog/wp-includes/classes.php on line 705

Strict Standards: Declaration of Walker_Category::end_lvl() should be compatible with Walker::end_lvl(&$output) in /home/datafake/public_html/blog/wp-includes/classes.php on line 705

Strict Standards: Declaration of Walker_Category::start_el() should be compatible with Walker::start_el(&$output) in /home/datafake/public_html/blog/wp-includes/classes.php on line 705

Strict Standards: Declaration of Walker_Category::end_el() should be compatible with Walker::end_el(&$output) in /home/datafake/public_html/blog/wp-includes/classes.php on line 705

Strict Standards: Declaration of Walker_CategoryDropdown::start_el() should be compatible with Walker::start_el(&$output) in /home/datafake/public_html/blog/wp-includes/classes.php on line 728

Strict Standards: Redefining already defined constructor for class wpdb in /home/datafake/public_html/blog/wp-includes/wp-db.php on line 306

Deprecated: Assigning the return value of new by reference is deprecated in /home/datafake/public_html/blog/wp-includes/cache.php on line 103

Strict Standards: Redefining already defined constructor for class WP_Object_Cache in /home/datafake/public_html/blog/wp-includes/cache.php on line 425

Deprecated: Assigning the return value of new by reference is deprecated in /home/datafake/public_html/blog/wp-includes/query.php on line 21

Deprecated: Assigning the return value of new by reference is deprecated in /home/datafake/public_html/blog/wp-includes/theme.php on line 618

Strict Standards: Redefining already defined constructor for class WP_Dependencies in /home/datafake/public_html/blog/wp-includes/class.wp-dependencies.php on line 15

Warning: Illegal string offset 'trackoutbound' in /home/datafake/public_html/blog/wp-content/plugins/google-analytics-for-wordpress/googleanalytics.php on line 489

Warning: Illegal string offset 'trackadsense' in /home/datafake/public_html/blog/wp-content/plugins/google-analytics-for-wordpress/googleanalytics.php on line 501

Strict Standards: call_user_func_array() expects parameter 1 to be a valid callback, non-static method GoogleSitemapGeneratorLoader::Enable() should not be called statically in /home/datafake/public_html/blog/wp-includes/plugin.php on line 311
Security | The Datafake Blog

Posts Tagged ‘Security’

PHP Security - Avoid SQL Injection and XSS Attacks

Tuesday, October 28th, 2008
If using $_GET or $_POST variables in an mysql query, clean them with mysql_real_escape_string. When displaying user submitted content from the database, apply htmlentities before it is displayed. SQL Injection - mysql_real_escape_string() Using mysql_real_escape_string stops malicious inputs breaking SQL queries. The quote ‘ is a reserved character in SQL. When it appears as part of a parameter [...]

Tags:
Posted in PHP | 4 Comments »