PrepAway - Latest Free Exam Questions & Answers

What is the use of the mysql_real_escape_string() function in the above script

You run the following PHP script:
<?php
$name = mysql_real_escape_string($_POST[“name”]);
$password = mysql_real_escape_string($_POST[“password”]);
?>
What is the use of the mysql_real_escape_string() function in the above script.
Each correct answer represents a complete solution. Choose all that apply.

PrepAway - Latest Free Exam Questions & Answers

A.
It can be used as a countermeasure against a SQL injection attack.

B.
It escapes all special characters from strings $_POST[“name”] and $_POST[“password”]
except ‘ and “.

C.
It escapes all special characters from strings $_POST[“name”] and $_POST[“password”].

D.
It can be used to mitigate a cross site scripting attack.

Explanation:

One Comment on “What is the use of the mysql_real_escape_string() function in the above script


Leave a Reply

Your email address will not be published. Required fields are marked *