$_GET and security | ww.wp.xz.cn

lerizzle
(@lerizzle)

14 years, 11 months ago

I’m querying the database based on a $_GET variable. What should I do with that variable before my query? Is this sufficient?

$myVar = get_var(“SELECT table_term_taxonomy.term_taxonomy_id FROM table_term_taxonomy INNER JOIN table_terms ON (table_term_taxonomy.term_id = table_terms.term_id) WHERE 1=1 AND ( table_terms.slug = ‘$_GET[location]’ ) LIMIT 0, 1”));

or should I do something else?

The topic ‘$_GET and security’ is closed to new replies.

Tags

In: Fixing WordPress
0 replies
1 participant
Last reply from: lerizzle
Last activity: 14 years, 11 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics