Home > Backend Development > PHP Tutorial > Three PHP functions and two options to prevent SQL injection

Three PHP functions and two options to prevent SQL injection

angryTom
Release: 2023-04-07 17:08:02
forward
2771 people have browsed it

Three PHP functions and two options to prevent SQL injection

Three functions:

1. addslashes($string): Use backslashes to quote special characters in the string ' " \

$username=addslashes($username);
Copy after login

2. mysql_escape_string($string): Use backslash to escape special characters in the string for mysql_query() query.

$username=mysql_escape_string($username);
Copy after login

3. mysql_real_escape_string($string): Escape special characters in the string used in the SQL statement, and taking into account the current character set of the connection, you need to ensure that the current connection state can be used to use this function, otherwise A warning will be reported. There are two options of not escaping % and _

$username=mysql_real_escape_string($username);
Copy after login

:

1. Use PDO

$stmt = $pdo->prepare('SELECT * FROM user WHERE name = :name');
$stmt->execute(array(':name' => $name));
foreach ($stmt as $row) {
// do something with $row
}
Copy after login

2. Use mysqli

$stmt = $dbConnection->prepare('SELECT * FROM user WHERE name = ?');
$stmt->bind_param('s', $name);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
// do something with $row
}
Copy after login

For more PHP related knowledge, please visit PHP Chinese website!

The above is the detailed content of Three PHP functions and two options to prevent SQL injection. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:www.phplaozhang.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template