Posted

After having two conversation on escaping data for MySQL insertion within 5 minutes of each other in ##php@freenode, I decided to created a cheat sheet on Filtering & Escaping in general.

I think what most people are not aware of is that not just outputting to the browser is output. So is querying a database, or calling one of the exec functions, or even using the mail function (not mentioned on the cheat sheet, perhaps for v2 :-)

Filtering & Escaping Cheat Sheet (PDF) – Grab it now!

Anyhow, I hope people find this useful!

– Davey

Comments are closed.