?
Solved

function to prevent insert hack

Posted on 2012-09-18
1
Medium Priority
?
299 Views
Last Modified: 2012-09-18
Hi

I am looking to write a function which will 'clean' any potential input string so I can log a user in with something like "select * from database where username = '$username'" - without the possibility of someone adding malicious code to the end like $username = "xyz\' or 1" whatever

I have googled with limited results

Any suggestions welcome

Best regards
0
Comment
Question by:Matt_Wilkes
1 Comment
 
LVL 60

Accepted Solution

by:
Julian Hansen earned 2000 total points
ID: 38411317
Look at  mysql_real_escape_string / mysqli_real_escape_string

Create a database class that handles your inserts / updates and make sure in that class you use the above.

Post back if you want code examples.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this series, we will discuss common questions received as a database Solutions Engineer at Percona. In this role, we speak with a wide array of MySQL and MongoDB users responsible for both extremely large and complex environments to smaller singl…
In this blog, we’ll look at how improvements to Percona XtraDB Cluster improved IST performance.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses
Course of the Month16 days, 7 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question