Can anyone help me about SQl injection attacks
Moderator: General Moderators
Can anyone help me about SQl injection attacks
i'm trying to write a script , but i heard about something called Sql injection which enable hacker or somebody to get information for my database such as usernames and passwords , so i want to protect myself against those people . thanks in advance ,
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
http://shiflett.org/articles/security-corner-apr2004
As an aside to the article, the recommended escaping function (you'll know what I mean after reading the above) is mysql_real_escape_string(), mysqli_real_escape_string() or pg_escape_string() depending on the database and library extension being used. Other databases and extensions may supply variants of these.
As an aside to the article, the recommended escaping function (you'll know what I mean after reading the above) is mysql_real_escape_string(), mysqli_real_escape_string() or pg_escape_string() depending on the database and library extension being used. Other databases and extensions may supply variants of these.