
Thread: SQL Injection

  1. #1
    New Coder
    Join Date
    Jul 2011
    Posts
    22
    Thanks
    0
    Thanked 0 Times in 0 Posts

    SQL Injection

    Little bit new to MySQL, what's the best way to prevent SQL injection?

  • #2
    New Coder
    Join Date
    Jul 2011
    Location
    London
    Posts
    11
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Originally posted by hbro1095:
    Little bit new to MySQL, what's the best way to prevent SQL injection?

    In the case of PHP + MySQL integration, it's mainly mysql_real_escape_string()

  • #3
    Regular Coder
    Join Date
    Jun 2011
    Posts
    103
    Thanks
    0
    Thanked 13 Times in 13 Posts
    To learn further about SQL injection and how to prevent it... read here

  • #4
    New Coder
    Join Date
    Jul 2011
    Posts
    22
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Okay thanks, so I just gotta add that escape to everything that could possibly get injected?

    And I will read through that link in 2 mins

  • #5
    Senior Coder
    Join Date
    Jul 2009
    Location
    South Yorkshire, England
    Posts
    2,318
    Thanks
    6
    Thanked 304 Times in 303 Posts
    Prepared statements and/or parameterised queries are probably the safer option. Less chance of being bitten on the arse if you forget to escape something. You can easily write a DB wrapper script to sort that side of things simply enough.

  • #6
    Banned
    Join Date
    Feb 2011
    Posts
    2,699
    Thanks
    13
    Thanked 395 Times in 395 Posts
    Originally posted by hbro1095:
    Little bit new to MySQL, what's the best way to prevent SQL injection?

    It's probably a good idea to also validate user inputs to ensure they contain only valid characters (e.g. a name doesn't contain %@ etc. characters) before sanitising them.
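
The DB wrapper idea from post #5 combined with the input validation from post #6, as an added example that is not part of the thread. The names `Db` and `isValidName()` are hypothetical, and an in-memory SQLite database is assumed in place of MySQL so the script runs offline; the PDO calls are the same with a `mysql:` DSN.

```php
<?php
// Added example, not code from the thread. Assumption: SQLite in memory
// stands in for MySQL; with MySQL only the DSN passed to new PDO() changes.

// Minimal wrapper (hypothetical name): every value travels as a bound
// parameter, so there is no per-query escaping step to forget.
final class Db
{
    private PDO $pdo;

    public function __construct(PDO $pdo)
    {
        // Surface SQL errors as exceptions instead of silent false returns.
        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $this->pdo = $pdo;
    }

    public function run(string $sql, array $params = []): PDOStatement
    {
        $stmt = $this->pdo->prepare($sql);   // SQL text is fixed here
        $stmt->execute($params);             // values are sent separately
        return $stmt;
    }
}

// Allow-list validation for a name: letters, spaces, apostrophes, hyphens.
function isValidName(string $name): bool
{
    return preg_match("/^[\\p{L}][\\p{L} '\\-]{0,63}\\z/u", $name) === 1;
}

$db = new Db(new PDO('sqlite::memory:'));
$db->run('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');

// Constructed sample inputs: a legitimate name containing an apostrophe,
// a name with characters the allow-list rejects, and a SQL-shaped string.
foreach (["O'Brien", 'bob%@', "x' OR '1'='1"] as $input) {
    if (!isValidName($input)) {
        echo "rejected by validation: $input\n";
        continue;
    }
    $db->run('INSERT INTO users (name) VALUES (?)', [$input]);
}

// Even with validation skipped, the SQL-shaped string is compared as data.
$rows = $db->run('SELECT name FROM users WHERE name = ?', ["x' OR '1'='1"])->fetchAll();
echo count($rows), " row(s) matched the SQL-shaped input\n";
echo $db->run('SELECT COUNT(*) FROM users')->fetchColumn(), " user(s) stored\n";
```

The apostrophe in `O'Brien` is stored unchanged without any escaping call, which is the case that breaks queries built by string concatenation.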

