PrepAway - Latest Free Exam Questions & Answers

What is the use of the mysql_real_ escape_string() function in the above script?

You run the following PHP script:
<code>
<?php
$name = mysql_real_escape_string($_POST[“name”]);
$password = mysql_real_escape_string($_POST[“password”]);
?>
</code>
What is the use of the mysql_real_ escape_string() function in the above script. Each correct
answer represents a complete solution. Choose all that apply.

PrepAway - Latest Free Exam Questions & Answers

A.
It can be used as a countermeasure against a SQL injection attack.

B.
It escapes all special characters from strings $_POST[“name”] and $_POST[“password”]except
‘ and “.

C.
It escapes all special characters from strings $_POST[“name”] and $_POST[“password”].

D.
It can be used to mitigate a cross site scripting attack.


Leave a Reply

Your email address will not be published. Required fields are marked *