Thanks for the response
Posted Jan 4, 2007 9:40 UTC (Thu) by appie (guest, #34002)
In reply to: Thanks for the response by jake
Parent article: The state of PHP security
With regard to SQL injections, if you don't use an abstraction layer and are using PostgreSQL (applause! :-) be sure to use:
pg_query_params()
http://www.php.net/manual/en/function.pg-query-params.php
It's been available since PHP 5.1.
And remember to revisit the excellent (!) online PHP manual plus comments every now and then to check for new and improved features.
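
The recommendation above, as an added example that is not part of the original comment: a concatenated query next to its `pg_query_params()` form, plus an allowlist for the one place placeholders cannot be used (identifiers). The `PG_DSN` environment variable, the fallback `dbname=test`, the temporary `accounts` table and all input values are assumptions constructed for illustration.

```php
<?php
// Added example. Assumptions: PG_DSN (or a local "test" database) and the
// temporary table "accounts" are hypothetical; all input is constructed.
$conn = pg_connect(getenv('PG_DSN') ?: 'dbname=test');
if ($conn === false) {
    fwrite(STDERR, "could not connect\n");
    exit(1);
}

// Temporary table, dropped automatically when the session ends.
pg_query($conn, 'CREATE TEMP TABLE accounts (id serial PRIMARY KEY, owner text, balance int)');
foreach (array(array('alice', 10), array('bob', 20)) as $row) {
    // Values travel separately from the SQL text and are bound to $1, $2.
    pg_query_params($conn, 'INSERT INTO accounts (owner, balance) VALUES ($1, $2)', $row);
}

// Constructed request value containing a quote character.
$owner = "nobody' OR '1'='1";

// Before: the value becomes part of the SQL text, so its quote ends the
// string literal and the rest is parsed as part of the WHERE clause.
$unsafe = pg_query($conn, "SELECT id FROM accounts WHERE owner = '" . $owner . "'");
printf("concatenated query: %d rows\n", pg_num_rows($unsafe));

// After: the same value is bound to $1 and compared as a plain string.
$safe = pg_query_params($conn, 'SELECT id FROM accounts WHERE owner = $1', array($owner));
printf("pg_query_params:    %d rows\n", pg_num_rows($safe));

// Placeholders stand for values only, never for identifiers such as a sort
// column, so a requested column name is checked against a fixed allowlist.
$allowed   = array('owner', 'balance');
$requested = 'balance';                      // constructed request value
$sort      = in_array($requested, $allowed, true) ? $requested : 'owner';

$res = pg_query_params(
    $conn,
    'SELECT owner FROM accounts WHERE balance >= $1 ORDER BY ' . $sort,
    array(5)
);
while ($r = pg_fetch_assoc($res)) {
    echo $r['owner'], "\n";
}
pg_close($conn);
```

Keep the query strings in single quotes so the `$1` placeholders are unambiguously literal text rather than something PHP might try to interpolate.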