php oracle sql injection

[Anonymous]

use

mysql_real_escape_string()

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14 Year Old Programmer & Graphic Artist, Confident and Courageous

 

[Anonymous]

Just a guess. Are you sure that, in this case, you need to use only single oci_fetch_array() mode option?
Did you give a try to

OCI_RETURN_NULLS + OCI_ASSOC

istead of just

OCI_RETURN_NULLS

?