citadelind
asked on
My SQL Injection in PHP
- Please give me solutions of SQL Injection in my project.
- It is again and again comes in database.
- Script add in every table in database.
- How to prevent this problem?
- Give me good solutions so that next do not happen.
- It is again and again comes in database.
- Script add in every table in database.
- How to prevent this problem?
- Give me good solutions so that next do not happen.
do you use mysql_real_escape_string() function on your input?
something like this,
$unsafe_variable = $_POST["user-input"];
$safe_variable = mysql_real_escape_string($ unsafe_var iable);
mysql_query("INSERT INTO table (column) VALUES ('" . $safe_variable . "')");
$unsafe_variable = $_POST["user-input"];
$safe_variable = mysql_real_escape_string($
mysql_query("INSERT INTO table (column) VALUES ('" . $safe_variable . "')");
Don't forget to vote : https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_686-PHP-Prevent-SQL-Injection.html
http://www.php.net/manual/en/function.mysql-real-escape-string.php
https://www.experts-exchange.com/questions/24175455/SQL-Injection-protection.html
https://www.experts-exchange.com/questions/23210268/How-to-protect-my-form-against-MySQL-injection-and-other-attacks.html
http://www.php.net/manual/en/function.mysql-real-escape-string.php
https://www.experts-exchange.com/questions/24175455/SQL-Injection-protection.html
https://www.experts-exchange.com/questions/23210268/How-to-protect-my-form-against-MySQL-injection-and-other-attacks.html
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for help.