- Tue Dec 04, 2018 5:28 am
#821910
Hello,
I am using triggers with executeQuery() function running queries based on text fields in Dynaforms that can be filled by an user.
It has been recommended in this forum to use mysql_real_escape_string() to prevent SQL code from SQL injections.
(i.e. viewtopic.php?f=41&t=730841&p=815582&hi ... on#p815582)
However, the new 3.3.0 ProcessMaker version supports PHP 7 and in PHP 7 the mysql_real_escape_string() function is deprecated.
Which function should be used instead? Please help.
Best Regards,
fibo2358
I am using triggers with executeQuery() function running queries based on text fields in Dynaforms that can be filled by an user.
It has been recommended in this forum to use mysql_real_escape_string() to prevent SQL code from SQL injections.
(i.e. viewtopic.php?f=41&t=730841&p=815582&hi ... on#p815582)
However, the new 3.3.0 ProcessMaker version supports PHP 7 and in PHP 7 the mysql_real_escape_string() function is deprecated.
Which function should be used instead? Please help.
Best Regards,
fibo2358