1 Reply Latest reply on Apr 12, 2008 2:42 PM by Günter Schenk

    escaping and add slashing for security

      when I am using post or get, I often want to sanitize the data received so that people cannot inject bad data or code into my scripts.

      normally I would use addslashes(). Does Dreamweaver have a facility for sanitizing data from users? Also how do you guys handle this when creating dynamic sites using ADDT.

      Thank you in advance
        • 1. Re: escaping and add slashing for security
          Günter Schenk Level 4
          Hi Chris,

          just look at the function "GetSQLValueString" which Dreamweaver (since version 8.02) adds to each form :: this one contains some sort of sanitizing funcionality like "stripslashes" or "mysql_real_escape_string" -- and this function gets applied to all DW recordsets which are based on data entered by users, e.g.

          if (isset($_GET['whatever'])) {
          $colname_article_id = $_GET['whatever'];
          }
          ....

          GetSQLValueString($colname_article_id, "int")

          Cheers,
          Günter Schenk
          Adobe Community Expert, Dreamweaver