Solved

My SQL Injection in PHP

Posted on 2011-09-30
5
339 Views
Last Modified: 2012-05-12
- Please give me solutions of SQL Injection in my project.

- It is again and again comes in database.

- Script add in every table in database.

- How to prevent this problem?

- Give me good solutions so that next do not happen.
0
Comment
Question by:citadelind
5 Comments
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 36890913
do you use mysql_real_escape_string() function on your input?
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 36890919
something like this,

$unsafe_variable = $_POST["user-input"];
$safe_variable = mysql_real_escape_string($unsafe_variable);

mysql_query("INSERT INTO table (column) VALUES ('" . $safe_variable . "')");
0
 
LVL 82

Expert Comment

by:leakim971
ID: 36890923
0
 
LVL 108

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 36891224
There are no easy solutions, but there are best practices that can reduce the security vulnerabilities.  If you want to, you can now major in Information Technology Security.  It is a full-time four-year college major at the University of Maryland, and a degree in the field qualifies you for highly sought-after technical jobs, paying well into six figures.  There may be more to this problem than SQL injection; we cannot see what other vulnerabilities you might have.  You might want to get involved with this project.
http://phpsec.org/

At a minimum, you would want to read and understand all of the pages linked here:
http://php.net/manual/en/security.php

Make a Google search for "PHP MySQL Security" to learn more about what you're up against here.
0
 

Author Closing Comment

by:citadelind
ID: 36972350
Thanks for help.
0

Featured Post

Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These days socially coordinated efforts have turned into a critical requirement for enterprises.
This article discusses how to create an extensible mechanism for linked drop downs.
The viewer will learn how to count occurrences of each item in an array.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now