4
I am developing a project that involves pass words among other important infomations that I need to insert into the mysql database.
My question is which option should I use to escape this data against sql Injection. I am currently using a regular expression that removes unwanted characters. I am using PDO.
To enter data into the database, use the
mysql_real_escape_string
, then if possible explain better why. Take advantage and read this - Why not use mysql functions_*– Edilson