SafeSQL 2.2

SafeSQL project is an SQL query processer to automate the tedious tasks of syntax testing, injection attack-proofing, dropping parts of queries and other misc features. It has only been tested with MySQL syntax, but any ANSI SQL-92 compliant db library should work OK.

SYNOPSIS:

require 'SafeSQL.class.php';

// dummy up a variable with a single quote in it
$section_name = "fred's place";

// run the query through SafeSQL
$safesql =& new SafeSQL_MySQL;
$query_string = $safesql->query("select * from sections
where Section_Name = '%s'", array($section_name));

echo $query_string;

OUTPUT:
select * from sections where Section_Name = 'fred's place'

// $query_string is now safe to pass to your SQL library

What's New in This Release:

· This release adds %n and %N for handling quoted and (non-quoted) NULL values.



Product's homepage