Click here to Skip to main content
14,972,962 members
Please Sign up or sign in to vote.
4.00/5 (1 vote)
See more:
Hi guys... i was just wondering what will be the best approach to prevent SQL Injection? Some suggested to use addslashes and some suggested to use mysql_real_escape_string() now i just want to know what is the best function to use?
Posted

use stored procedures with parameters
   
Comments
AmitGajjar 16-Feb-12 5:29am
   
ofcourse 5+
XKCD[^].
   
Comments
Herman<T>.Instance 16-Feb-12 4:20am
   
cool!
CPallini 17-Feb-12 5:48am
   
Thanks.
thatraja 16-Feb-12 22:19pm
   
5! :)
CPallini 17-Feb-12 5:48am
   
Thank you.
In security u can not relay on only 1 mechanism u should have more so if intruder break one u have second ready.

The following link will help u to develop some good security against SQL Injection.

Preventing SQL Injection with PHP[^]

SQL Injection Attacks and Some Tips on How to Prevent Them[^]

Best way to stop SQL Injection in PHP[^]
   
SQL Injection is a one kind of attack where the attacker generates malicious code and send into SQL query to access database or system.

For more please visit..
http://cybarlab.blogspot.com/2013/02/what-is-sql-injection.html
   
SQL Injection is a one kind of attack where the attacker generates malicious code and send into SQL query to access database or system.

For more please visit..

http://cybarlab.blogspot.com/2013/02/what-is-sql-injection.html
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900