Do I need to use mysql_real_escape_string on all form inputs?
You seem to be confusing escaping with data validation and data sanitization .
ALL fields that are sent from a form to a server should be checked for valid inputs. All fields can be manipulated in such a way to do sql or other injection.
I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.
Related Questions
Can I run the SPDIF and ADAT inputs & outputs with the analogue inputs & outputs simultaneously?
Can I run the SPDIF inputs & outputs with the analog inputs & outputs simultaneously?
Jquery PHP form submit - How to get form inputs to display?
Javascript form inputs created dynamically from json and need to map object to proper field from another object and save?
Should I mysql_real_escape_string the password entered in the registration form?
JQuery - Compare new value with old value on form submit, across all fields (inputs, selects)?