Best way to prevent SQL Injection?

Question

4.00/5 (1 vote)

See more:

Hi guys... i was just wondering what will be the best approach to prevent SQL Injection? Some suggested to use addslashes and some suggested to use mysql_real_escape_string() now i just want to know what is the best function to use?

Posted 15-Feb-12 22:01pm

Madzmar25

Add a Solution

5 solutions

Solution 5

SQL Injection is a one kind of attack where the attacker generates malicious code and send into SQL query to access database or system.

For more please visit..

http://cybarlab.blogspot.com/2013/02/what-is-sql-injection.html

Posted 5-Feb-13 0:22am

Rasadul Alam Rashed

Solution 4

SQL Injection is a one kind of attack where the attacker generates malicious code and send into SQL query to access database or system.

For more please visit..
http://cybarlab.blogspot.com/2013/02/what-is-sql-injection.html

Posted 5-Feb-13 0:10am

Rasadul Alam Rashed

Solution 2

XKCD[^].

Posted 15-Feb-12 22:19pm

CPallini

Comments

Herman<T>.Instance 16-Feb-12 4:20am

cool!

CPallini 17-Feb-12 5:48am

Thanks.

thatraja 16-Feb-12 22:19pm

5! :)

CPallini 17-Feb-12 5:48am

Thank you.

Solution 1

use stored procedures with parameters

Posted 15-Feb-12 22:03pm

Herman<T>.Instance

Comments

AmitGajjar 16-Feb-12 5:29am

ofcourse 5+

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CRDave1988 · Accepted Answer · 2012-02-15T22:23:00

In security u can not relay on only 1 mechanism u should have more so if intruder break one u have second ready.

The following link will help u to develop some good security against SQL Injection.

Preventing SQL Injection with PHP[^]

SQL Injection Attacks and Some Tips on How to Prevent Them[^]

Best way to stop SQL Injection in PHP[^]