Sql db injection (Hack)

  1. #1
    jayra (Apprentice)
    Join Date: Sep 2012
    Posts: 5

    Sql db injection (Hack)

    Hello, please can someone tell me how to prevent hacks using SQL DB injection ...

    Thanks


  2. #2
    walkernight88 (Proficient Member)
    Join Date: Aug 2008
    Location: /etc/cabal/data
    Posts: 192

    Re: Sql db injection (Hack)

    Use an escape PHP function on website, forum, anything connected to the database.

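    Code:
    // Strips quote characters, comment markers and a few SQL keywords from the input.
    function escape($Data)
    {
        return str_replace(array("'", '"', "#", "--", "/*", ";", "UPDATE", "DROP", "DELETE"), "", $Data);
    }
    How to use it:

    Code:
    // Array keys must be quoted strings; a bare username is treated as an undefined constant.
    $username = escape($_POST['username']);
    $password = escape(md5($_POST['password']));
    //and so on...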
    Note: This must be used on input types. It's useless to use it on all variables.
    You can use this one, optimize it for your current "infraction" queries.

  3. #3
    Extornia (Hi)
    Join Date: Mar 2011
    Location: Sarajevo, Bosni
    Posts: 496

    Re: Sql db injection (Hack)

    Or simply use PDO.
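
Added example, not written by any poster in this thread: what the "use PDO" advice in post #3 looks like for the `$username` / `$password` login lookup from post #2, with bound parameters instead of character stripping. It assumes PHP 8 with the pdo_sqlite extension; the `accounts` table and the `createAccount()` / `checkLogin()` helpers are hypothetical names, and `password_hash()` is swapped in for the `md5()` call in post #2.

```php
<?php
declare(strict_types=1);

// In-memory SQLite keeps the example self-contained; a MySQL DSN works the same way.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE accounts (id INTEGER PRIMARY KEY, username TEXT UNIQUE, pass_hash TEXT)');

// Hypothetical helper: the SQL text is fixed, user input only ever travels as a bound value.
function createAccount(PDO $pdo, string $username, string $password): void
{
    $stmt = $pdo->prepare('INSERT INTO accounts (username, pass_hash) VALUES (:u, :h)');
    $stmt->execute([
        ':u' => $username,
        // Swapped in for md5(): a salted, slow hash from PHP's standard library.
        ':h' => password_hash($password, PASSWORD_DEFAULT),
    ]);
}

// Hypothetical helper: returns true only when the username exists and the password matches.
function checkLogin(PDO $pdo, string $username, string $password): bool
{
    $stmt = $pdo->prepare('SELECT pass_hash FROM accounts WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $hash = $stmt->fetchColumn();   // false when no row matched
    return is_string($hash) && password_verify($password, $hash);
}

// Constructed sample data. The apostrophe is stored intact; a stripping filter
// like escape() would have changed the name to "OBrien".
createAccount($pdo, "O'Brien", 'correct horse');

// Legitimate login with a quote in the username.
var_dump(checkLogin($pdo, "O'Brien", 'correct horse'));

// Constructed hostile-looking input: it is compared as a literal username,
// so it cannot alter the WHERE clause and matches no account.
var_dump(checkLogin($pdo, "' OR '1'='1", 'anything'));
```

Every query that takes user input needs the same treatment: placeholders bind values only, so table or column names that depend on input still have to be checked against a fixed allow-list.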


