Prior to doing an INSERT, do you MySQL real escape data before JSON encoding it, or after JSON encoding? [duplicate]

StackOverflow https://stackoverflow.com/questions/16104618

質問

Before inserting JSON-encoded data in MySQL, do you first JSON encode the data and then escape it prior to inserting, or do you first escape the data before JSON encoding it and then insert it?

役に立ちましたか?

解決

First JSON encode it then escape it prior to inserting in the database.

他のヒント

Don't use mysql_real_escape_string - it's deprecated. http://php.net/manual/en/function.mysql-real-escape-string.php If you use one of the DB libraries such as PDO, then that will do the work for you. See real escape string and PDO

The very statement of question is wrong.

  1. Do not store JSON in database.
  2. real escape doesn't make your data safe, as it's implied in your question.
  3. mysql-real-escape-string belongs to mysql - so, the answer is quite obvious.
ライセンス: CC-BY-SA帰属
所属していません StackOverflow
scroll top