Their SQL examples don't seem to perform any kind of input sanitization. They ju... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jre on Sept 21, 2013 \| parent \| context \| favorite \| on: Why I'm Planning to Kill W3Schools Their SQL examples don't seem to perform any kind of input sanitization. They just use raw $_POST. http://www.w3schools.com/php/php_mysql_insert.asp

Killswitch on Sept 21, 2013 [–]

I give them credit for using MySQLi and not mysql_* though. I still suggest PDO.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact