Quote:
Originally Posted by k0nr4d
That's not enough to stop SQL injection. htmlspecialchars is enough for XSS.
Well, I did add some additional sanitization steps, as when tested against SQL injections it was working fine. Either way, code needs to be tested against it regardless of what methods are used.