This is PhpSecInfo Report for our servers: I cant access to php.ini for fix warnings. I want to know, Could the hacker access to database with this settings? I have a very simple site that read data from database. There is mysql_real_escape_string, numeric data filter, sprintf vs in my queries. Please help me about this issue. Thanks alot.
+1
A:
I want to know, Could the hacker access to database with this settings?
No.
Of course, you need to duly sanitize any data you use in your mySQL queries, that is something this test can't detect. But you say you already do that, so there shouldn't be a problem.
Pekka
2010-06-18 16:53:07