Recommended 10 methods to prevent SQL injection

零下一度
Release: 2023-03-09 14:42:02
Original
2686 people have browsed it

(1) mysql_real_escape_string -- Escape special characters in the string used in the SQL statement, taking into account the current character set of the connection. The usage method is as follows:?123$sql= "select count(*) asctr from users where username='".mysql_real_escape_string($username)."'andpassword='". mysql_real_escape_string($pw)."'limit 1";Using mysql_real_escape_string() as a wrapper around user input, you can avoid any malicious SQL injection in user input. (2) Turn on magic_quotes_gpc to prevent SQL injection. There is a setting in php.ini: magic_quotes_gpc = Off. This is turned off by default. If it is turned on, the user will automatically be

1. most complete Methods to Prevent SQL Injection

Introduction:: This article mainly introduces the most complete method to prevent SQL injection. Students who are interested in PHP tutorials can refer to it.

2. http://www.56.com/m2v/?magic=1 Advanced PHP injection method collection page 1/2

Introduction: http://www.56.com/m2v/?magic=1: http://www.56.com/m2v/?magic=1 Highlights of Advanced PHP Injection Methods No. 1 /2 pages: '%23 ' and passWord='mypass id=-1 union select 1,1,1 id=-1 union select char(97),char(97),char(97) id=1 union select 1 ,1,1 from members id=1 union select 1,1,1 from a

3. php prevent sql injection method and example code

Introduction: PHP prevention sql injection method and example code

4. Advanced PHP injection method collection page 1/2_PHP tutorial

Introduction: Collection of advanced PHP injection methods, page 1/2. '%23 'andpassWord='mypass id=-1unionselect1,1,1 id=-1unionselectchar(97),char(97),char(97) id=1unionselect1,1,1frommembers id=1unionselect1,1,1fromadmin id=1unionselect1 ,1,1fromuser

5. PHP web page prevents SQL injection method configuration_PHP tutorial

Introduction: PHP web page Prevent SQL injection method configuration. The prerequisite is that we need to have administrative rights on the server, that is, we can modify the php.ini file. Now I will introduce how to modify the php configuration file to prevent SQL injection. Friends who need to learn can

6. Summary and analysis of PHP anti-sql injection methods_PHP tutorial

Introduction: Summary and analysis of PHP anti-sql injection methods. SQL injection is a problem that everyone often takes into consideration in program development. Let me analyze the common SQL injection prevention codes. Friends in need can refer to it. 1. Submit data in php

7. Introduction to some methods of sql injection in php_PHP tutorial

Introduction : Understand some methods of sql injection in php. Understand some of the methods of sql injection in php. The following are all the most common sql injection methods. Friends in need can refer to them. What is injection? For example, we are querying data

8. php Detailed explanation of SQL injection prevention method (1/4)_PHP tutorial

Introduction: Detailed explanation of how to prevent SQL injection in PHP (1/4). . Injection attack when magic_quotes_gpc = off magic_quotes_gpc = off is a very unsafe option in the php tutorial. The new version of php has changed the default value to on. But there are still relevant

9. Detailed explanation about sql injection method (1/3)_PHP tutorial

Introduction : Detailed explanation about sql injection method (1/3). Due to the reasons of the php tutorial and the mysql tutorial itself, the injection of php+mysql is more difficult than the asp tutorial, especially the construction of the statements during injection. This article is mainly based on okphp bbs v1.3

10. php.ini magic_quotes_gpc configuration anti-injection method (1/5)_PHP tutorial

Introduction: php.ini magic_quotes_gpc configuration anti-injection method (1/5). PHP tutorial.ini magic_quotes_gpc configuration anti-injection method 1. The magic_quotes_gpc option in the PHP configuration file php.ini is not turned on and is set to off 2. The developer did not check the data type

[Related Q&A recommendations]:

php - What is the correct way to inject all configuration information?

phalcon - php - Dependency Injection Dependency injection and automatic loading have their own advantages and disadvantages

The above is the detailed content of Recommended 10 methods to prevent SQL injection. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template