
Stefan Mischook's Blog:
Defending against SQL Injection attacks
December 03, 2009 @ 11:35:36

In this new post to his KillerPHP.com blog, Stefan Mischook looks at a few of the basic steps you can take to help prevent SQL injection attacks in your application.

You should protect your relational databases (like MySQL) from the dreaded SQL injection attack. These attacks are conducted by evil sniveling nerds, trying to insert damaging SQL code into your HTML form fields (and query strings too) to do things like drop database tables or even wipe out your database altogether!

He recommends three things as good places to start: mysql_real_escape_string, using an ORM layer with its own escaping, and using something like PDO that cleans up the input for you.





All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework