 
  • How can we prevent SQL-injection in PHP?


    Hello Readers,

    We can prevent SQL injection in two ways:

    1 -> Escaping the special characters in your POST or GET variables, or

    2 -> By using a parameterized query.

    Both would protect you from SQL injection.

    Example:

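    $unsafe_variable = $_POST["user-input"];
    // The mysql_* functions were removed in PHP 7.0; the mysqli equivalents take
    // the open connection, assumed here to be in $mysqli.
    $safe_variable = mysqli_real_escape_string($mysqli, $unsafe_variable);

    // `table` and `column` are placeholder names; both are reserved words in MySQL, hence the backticks.
    mysqli_query($mysqli, "INSERT INTO `table` (`column`) VALUES ('" . $safe_variable . "')");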
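
The post names parameterized queries as the second option but shows only escaping, so here is an added example (not from the original post) that puts a concatenated query beside its parameterized form using PDO. The `users` table, its rows, the function names and the in-memory SQLite database are assumptions made so the script runs on its own.

```php
<?php
// Added example, not from the original post. In-memory SQLite (assumes the
// pdo_sqlite extension) keeps it self-contained; for MySQL only the DSN changes.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Hypothetical schema and rows, constructed for the demonstration.
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');
$pdo->exec("INSERT INTO users (name) VALUES ('alice'), ('bob')");

// "Before": the input becomes part of the SQL text, so a quote in it
// changes the structure of the statement.
function findByNameConcatenated(PDO $pdo, string $name): array
{
    $sql = "SELECT name FROM users WHERE name = '" . $name . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// "After": the SQL text is fixed at prepare(); the value is sent separately
// and can only ever be compared as data.
function findByNameParameterized(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// The same pattern applied to the INSERT from the post.
function addUser(PDO $pdo, string $name): void
{
    $stmt = $pdo->prepare('INSERT INTO users (name) VALUES (:name)');
    $stmt->execute([':name' => $name]);
}

// Constructed input standing in for $_POST["user-input"].
$input = $_POST['user-input'] ?? "nobody' OR '1'='1";

printf("concatenated:  %d row(s)\n", count(findByNameConcatenated($pdo, $input)));
printf("parameterized: %d row(s)\n", count(findByNameParameterized($pdo, $input)));

// A legitimate value containing a quote is stored byte-for-byte.
addUser($pdo, "O'Brien");
var_dump(findByNameParameterized($pdo, "O'Brien") === ["O'Brien"]);
```

Escaping only protects a value that ends up inside quotes in the query and depends on the connection's character set; a bound parameter behaves the same for every value type.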
    
