Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
 

  • How can we prevent SQL-injection in PHP?

    @shashank.garg
    Recommendations Offline Message

    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 230
    Comment on it

    Hello Readers ,

    For preventing SQL injection we can do by two ways :

    1- > Escaping the special characters in your post or get variables , or

    2-> By using a parameterized query.

    Both would protect you from SQL injection.

    Example : 

    $unsafe_variable = $_POST["user-input"];
$safe_variable = mysql_real_escape_string($unsafe_variable);

mysql_query("INSERT INTO table (column) VALUES ('" . $safe_variable . "')");
    sql injection mysql php
    Comment on it

 0 Comment(s)

Sign In
Forgot Password?
                           OR                           
Create an account !!
                           OR                           
Register

Sign up using

                           OR                           
Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: