I have a few questions if its ok i been updating my site with mysql_real_escape_string and strip_tags the questions are below in the code thanks…
questions and code:
[code=php]
question 1
Should this code?:
<?php echo $rows[‘message’]; ?>
Be like this?:
<?php echo mysql_real_escape_string(strip_tags($rows[‘message’])); ?>
question 2
For this code do i need to use the mysql_real_escape_string and strip_tags if so how?:
$sql=”SELECT sendto, from, created, status FROM list where status = ‘1’”;
question 3
For the password fields should i also use the mysql_real_escape_string and strip_tags like this?:
$password = mysql_real_escape_string(strip_tags($_POST[‘password’]));