• 1

Read this first!

We do not monitor these forums. The forum is provided to exchange information and experience with other users ONLY. Forum responses are not guaranteed.

However, please submit a ticket if you have an active subscription and wish to receive support. Our ticketing system is the only way of getting in touch with RSJoomla! and receiving the official RSJoomla! Customer Support.

For more information, the Support Policy is located here.

Thank you!

TOPIC: security and sql injectio question

security and sql injectio question 12 years 4 weeks ago #22567

  • shinee
  • shinee's Avatar
  • OFFLINE
  • Fresh Boarder
  • Posts: 1
i am useing hidden input in the form to get some data form the url and in the php section(before saving te form) i insert the data post to db.
doest the post array is safe from sql injection at this step?
The administrator has disabled public write access.

security and sql injectio question 12 years 3 weeks ago #22572

  • octavian
  • octavian's Avatar
  • OFFLINE
  • RSJoomla! Official Staff
  • Posts: 783
  • Thank you received: 110
No, the data is only escaped when is added by RSForm! Pro in the database. It's also a good security practice to escape data before adding it to any database, it's not RSForm! Pro's job to do it for your own scripts.
Please note: my help is not official customer support. To receive your support, submit a ticket by clicking here
Regards,
RSJoomla! Development Team
The administrator has disabled public write access.
  • 1

Read this first!

We do not monitor these forums. The forum is provided to exchange information and experience with other users ONLY. Forum responses are not guaranteed.

However, please submit a ticket if you have an active subscription and wish to receive support. Our ticketing system is the only way of getting in touch with RSJoomla! and receiving the official RSJoomla! Customer Support.

For more information, the Support Policy is located here.

Thank you!