  1. #1
    SitePoint Enthusiast gdhanasekar's Avatar

    What is the best method to store and retrieve the data in mysql?

    Hi all,

    I want to clarify the best method to store and retrieve the data (STRING or TEXT) in mysql. I know some of the methods ...

    1) mysql_escape_string(TEXT)

    2) htmlentities(TEXT) - store
    htmlentities_decode(TEXT) - retrieve

    3) urlencode(TEXT) - store
    urldecode(TEXT)- retrieve

    Are there any other best techniques to store and retrieve? Let me know your suggestions.

  2. #2
    SitePoint Wizard bronze trophy
    Use prepared statements. I recommend PDO.

  3. #3
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    You seem a little mixed up there, good job you asked.

    The mantra is filter input, escape output.

    1 mysql_real_escape_string() or as pointed out use prepared statements - this makes sure nothing nasty leaks into your sql statement to corrupt/control your database. (e.g. SQL Injection attacks)

    2 htmlentities or htmlspecialchars to escape the output when you get it out to make sure nothing in the database (or wherever) can do something harmful to viewers of the html (e.g. XSS attacks)

    3 urlencode and urldecode are to do with making/converting legal URL string segments and have nothing to do with databases.

    FIEO - filter input, escape output
    Simple version
    Medium version (slides)
    Long version
    Last edited by Cups; Mar 18, 2009 at 08:58. Reason: altered the link for the medium one and added tag 'FIEO'
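
The three points from the reply above in one script, as an added example that is not part of the original thread: a PDO prepared statement for storage, `htmlspecialchars()` at output time, and `urlencode()` only when building a URL. It assumes the `pdo_sqlite` extension and uses an in-memory SQLite database in place of MySQL so it runs offline; the table name, column names, `profile.php` and the sample strings are constructed for illustration.

```php
<?php
// SQLite in-memory stands in for MySQL here (assumption, so the script runs
// offline). With MySQL only the DSN and credentials passed to PDO change.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, author TEXT, body TEXT)');

// Constructed sample input: a quote that would break a concatenated query,
// and markup that would run in a browser if echoed unescaped.
$author = "O'Brien";
$body   = '<script>alert(1)</script> Tom & "Jerry"';

// Filter input: reject what the application does not accept at all.
if ($author === '' || strlen($author) > 50 || strlen($body) > 2000) {
    throw new InvalidArgumentException('author or body out of range');
}

// Store: values travel as bound parameters, never as part of the SQL text.
// The data is stored as-is, not entity-encoded or URL-encoded.
$insert = $pdo->prepare('INSERT INTO comments (author, body) VALUES (:author, :body)');
$insert->execute([':author' => $author, ':body' => $body]);

// Retrieve: same rule for values used in WHERE clauses.
$select = $pdo->prepare('SELECT author, body FROM comments WHERE author = :author');
$select->execute([':author' => $author]);
$row = $select->fetch(PDO::FETCH_ASSOC);

// What comes back is byte-for-byte what went in, so nothing needs decoding.
if ($row['author'] !== $author || $row['body'] !== $body) {
    throw new RuntimeException('round trip changed the data');
}

// Escape output: encode for the context the value is written into.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// urlencode() belongs to URL building; the finished URL is still HTML-escaped
// because it is written into an attribute.
$link = 'profile.php?author=' . urlencode($row['author']);

echo '<p><a href="' . h($link) . '">' . h($row['author']) . '</a>: '
    . h($row['body']) . "</p>\n";
```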

