Menu
I’m developing an e-commerce site, and thus far I have been able to add security against SQL injections by either removing spaces when getting information from the user, or replacing spaces with underscores when they are necessary (Like for addresses). But for the product search I am unable to do this without causing the query to fail. It is working fine right now but it takes the users query as is, so there is 0 security.
If anyone has some ideas for this or some experience please offer some advice.