I am web developer, i want prevent someone attack my site using SQL injection, and i see another site do this by using query string like the following:
http://www.xxxxxxx.com/xxxx.php/id/2 (or any other numbers)
Anybody help me, please?. Thank first.
Using query string like this: ..php/id/2???
Moderator: General Moderators
Re: Using query string like this: ..php/id/2???
This way maybe protect you from $_GET SQL-injection, but not protect from $_POST, $_COOKIE and maybe someone else. Best way to protect site, it check input data.
For transform URL you may use mod_rewrite
For transform URL you may use mod_rewrite