Hi there. Can you please tell me me how i can protect my Mybb Dating plugin from SQL injection , URL injection, Xss attacks, search form attacks . Since the plugin system is not protected by mybb core security.
$db->escape_string for every string you're going to let users add to your mysql query,
intval for every integer (Returns 0 if not an int),
htmlspecialchars for everything users have put in.
It's pretty simple as that when you come down to it
Casting is however preferred in terms of performance.