
Ulf Wendel:
Not only SQL injection I don't trust you!
September 26, 2012 @ 08:34:59

On his site today Ulf Wendel talks about SQL injection and some comments that came up during a recent webinar about common MySQL mistakes PHP developers make.

Never trust user input! Injection is a threat. You are the new web developer, aren't you? Never trust user input is the first rule I had to learn as a web developer in ancient times. Injection can happen whenever user input is interpreted or used to compose new data. A quick recap of the #3 mistake from today's Top 10 MySQL Tips and Mistakes for PHP Developers web presentation. A webinar recording should be available in a couple of days.

He points out a few "don'ts" to avoid, like putting superglobal values directly into your query, and reminds readers that not all SQL injections are caused by escaping issues. The real key? Validating input: be sure the values you put into your query are of the correct type and contain what you expect.
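
The point that escaping alone is not enough, shown as an added example (not code from Ulf Wendel's post or the webinar). The `users` table, the `findUser` function, the request values and the use of in-memory SQLite with `addslashes` as a stand-in for a driver escape call are all assumptions made so the example runs offline.

```php
<?php
declare(strict_types=1);

// Constructed request values standing in for $_GET; neither contains a quote.
$request = ['id' => '1 OR 1=1', 'sort' => 'name; --'];

// In-memory SQLite via PDO keeps the example offline. The page is about MySQL,
// but the validation logic below is the same for either driver.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");

// Weak: escaping only neutralises quote characters. In an unquoted numeric
// context there is nothing to escape, so the value rewrites the WHERE clause.
$escaped = addslashes($request['id']); // stand-in for a driver escape call
$weak = $db->query("SELECT name FROM users WHERE id = $escaped")->fetchAll(PDO::FETCH_COLUMN);
echo 'escaped only: ', count($weak), " row(s) returned\n";

// Hardened: validate type and content first, then bind the value.
function findUser(PDO $db, array $request): array
{
    $id = filter_var($request['id'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    // Identifiers cannot be bound as parameters, so map them through an allow-list.
    $sortable = ['id' => 'id', 'name' => 'name'];
    $order = $sortable[$request['sort'] ?? 'id'] ?? null;
    if ($order === null) {
        throw new InvalidArgumentException('sort must be one of: id, name');
    }
    $stmt = $db->prepare("SELECT name FROM users WHERE id = :id ORDER BY $order");
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

try {
    findUser($db, $request);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
print_r(findUser($db, ['id' => '2', 'sort' => 'name']));
```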


All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework