How do I protect my database from malicious attacks while allowing punctuation marks? - CodeIgniter Forums (https://forum.codeigniter.com), Archived Development & Programming
How do I protect my database from malicious attacks while allowing punctuation marks? - El Forum - 08-02-2010

[eluser]dottedquad[/eluser]
Hello all,

So far my regular expression reads: preg_match("/[\W]' '/", $str)) which allows alpha numeric characters and white spaces. However, I would like to allow other punctuation marks to allow for complete sentences without posing a threat to my database. Can someone give me a regular expression example allowing certain punctuation marks?

Thank You,
Rich

How do I protect my database from malicious attacks while allowing punctuation marks? - El Forum - 08-02-2010

[eluser]WanWizard[/eluser]
If your input is cleaned properly, and if you use active record methods (or escape manually), there is no reason for extra protection. CI will take care of that for you.

How do I protect my database from malicious attacks while allowing punctuation marks? - El Forum - 08-02-2010

[eluser]mlage[/eluser]
Check out the Queries documentation in CI:
http://ellislab.com/codeigniter/user-guide/database/queries.html
Go to the bottom of the page for binding queries.

Also, if you haven't read it already, check out the documentation on general security practices for CI:
http://ellislab.com/codeigniter/user-guide/general/security.html

Also, read the documentation about the input class (very nifty):
http://ellislab.com/codeigniter/user-guide/libraries/input.html

How do I protect my database from malicious attacks while allowing punctuation marks? - El Forum - 08-03-2010

[eluser]dottedquad[/eluser]
[quote author="mlage" date="1280802886"]Check out the Queries documentation in CI:
http://ellislab.com/codeigniter/user-guide/database/queries.html
Go to the bottom of the page for binding queries.

Also, if you haven't read it already, check out the documentation on general security practices for CI:
http://ellislab.com/codeigniter/user-guide/general/security.html

Also, read the documentation about the input class (very nifty):
http://ellislab.com/codeigniter/user-guide/libraries/input.html[/quote]

I already read about input class and the xss protection. I had no idea about binding queries. This will definitely help me.

-Thanks,
Rich
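
Added example, not part of the thread or of CodeIgniter's own code: it shows why the query bindings recommended above make a punctuation whitelist unnecessary. PDO with an in-memory SQLite database stands in for CodeIgniter's database class (an assumption made so the script runs on its own); the table, column and function names are hypothetical and the sample sentences are constructed.

```php
<?php
// PDO + in-memory SQLite stand in for the framework's database layer (assumption).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT NOT NULL)');

// Constructed inputs: ordinary sentences with the punctuation a regex filter would fight.
$samples = [
    "It's Rich's first post; does this work?",
    'She said "100% yes" (really!) -- twice.',
    "Path is C:\\temp\\notes, and it's 50% done.",
];

// Unsafe pattern: the value is pasted into the SQL text, so an apostrophe
// ends the string literal and the rest is parsed as SQL.
function insert_concatenated(PDO $pdo, string $body): bool
{
    try {
        $pdo->exec("INSERT INTO comments (body) VALUES ('" . $body . "')");
        return true;
    } catch (PDOException $e) {
        return false; // the database rejected the malformed statement
    }
}

// Bound pattern: the SQL text is fixed and the value travels separately,
// so no character in it is ever interpreted as SQL.
function insert_bound(PDO $pdo, string $body): string
{
    $stmt = $pdo->prepare('INSERT INTO comments (body) VALUES (?)');
    $stmt->execute([$body]);
    $read = $pdo->prepare('SELECT body FROM comments WHERE id = ?');
    $read->execute([$pdo->lastInsertId()]);
    return $read->fetchColumn();
}

foreach ($samples as $body) {
    $ok = insert_concatenated($pdo, $body);
    printf("concatenated: %-9s %s\n", $ok ? 'stored' : 'SQL error', $body);
}
$pdo->exec('DELETE FROM comments'); // start clean for the bound run

foreach ($samples as $body) {
    $stored = insert_bound($pdo, $body);
    printf("bound:        %-9s %s\n", $stored === $body ? 'verbatim' : 'altered', $body);
}
```

The concatenated insert fails on the sentences that contain an apostrophe, while the bound insert stores every sentence unchanged; escaping for HTML output remains a separate step when the text is displayed.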