
PHP: Introduction to SQL Injection


PHP » Database Interactions — almost 10 years ago
In this tutorial we look at the issue of SQL injection, how attackers use it, the problems that can arise, and methods of prevention using PHP.


ellisgl almost 10 years ago

The basic conclusion of this tutorial is to wrap the variables that you are passing to a query with mysql_real_escape_string(). Even then, I've read stuff that mysql_real_escape_string() isn't 100% secure. There's other stuff you can do to filter strings and such. There's talk about using stored procedures, but I've seen where stored can be overkill and end up slowing the query down.
