Besides going through the strings pass are parsing it for special characters, how else can I preven insertion attacks. For Mysql, there is a function called mysql_escape_string which will do this, however I'm running an MSsql db and wondering if there is an equivalent for MSsql?
In Mysql ie.
$Input = mysql_escape_string($Input);
Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.
Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP. PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…