...

View Full Version : How to protect against SQL Injection from hackers?



listerdl
06-18-2011, 04:56 AM
What would you guys suggest to prevent SQL injections?

Is there something you would strongly advise me to do?

Thanks

Old Pedant
06-18-2011, 07:02 AM
What kind of server-side language are you using? What kind of database?

If you are using PHP with MySQL, then look into mysql_real_escape_string() -- it should be sufficient protection againt any attack.

If you are using some other system or some other db, let us know.

bullant
06-18-2011, 07:06 AM
Is there something you would strongly advise me to do?


I think you'll find prepared statements (http://dev.mysql.com/tech-resources/articles/4.1/prepared-statements.html) is the best defence against sql injection and other types of attack.

Old Pedant
06-18-2011, 07:34 AM
Point conceded. Prepared statements have other advantages as well.

bullant
06-18-2011, 07:38 AM
I was just replying to the op's question.

I didn't realise I was in a tennis match as well :)

15 - love ;)



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum