Text only
|
Text with Images
Simple Machines Community Forum
Customizing SMF => SMF Coding Discussion => Topic started by: MaisterK on February 20, 2018, 12:14:12 AM
Title:
Simple db_query question
Post by:
MaisterK
on
February 20, 2018, 12:14:12 AM
Hi
I have simple security question:
strings used in $smcFunc['db_query'] need to be escaped?
or the function do this?
Title:
Re: Simple db_query question
Post by:
vbgamer45
on
February 20, 2018, 01:10:41 AM
They should be if you are passing the data raw in.
If you are using the parameters type mapping then you are in better shape.
Text only
|
Text with Images