Using query string like this: ..php/id/2???

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
113115
Forum Newbie
Posts: 1
Joined: Sun Aug 31, 2008 10:00 pm

Using query string like this: ..php/id/2???

Post by 113115 »

I am web developer, i want prevent someone attack my site using SQL injection, and i see another site do this by using query string like the following:
http://www.xxxxxxx.com/xxxx.php/id/2 (or any other numbers)

Anybody help me, please?. Thank first.
User avatar
Ziq
Forum Contributor
Posts: 194
Joined: Mon Aug 25, 2008 12:43 am
Location: Russia, Voronezh

Re: Using query string like this: ..php/id/2???

Post by Ziq »

This way maybe protect you from $_GET SQL-injection, but not protect from $_POST, $_COOKIE and maybe someone else. Best way to protect site, it check input data.

For transform URL you may use mod_rewrite
Post Reply