Loading...
Monday, November 28, 2011
Home » Sql Injection » Protect against SQL Injection

Protect against SQL Injection

There are more ways.. 1 of them is-

with blocking the SQL commands 
function mysqlesc($input) { 

$input = str_ireplace('\'', '', $input);

$input = str_ireplace('"', '', $input);

$input = str_ireplace('UNION', '', $input); 

$input = str_ireplace('--', '', $input); 

$input = str_ireplace('/**/', '', $input); 

$input = str_ireplace('/*', '', $input); 

return $input; }

another protecting method is:

function mysqlesc($input){
$input = mysql-real-escape-string($input);

return $input;
}
Posted by at 5:48 AM
Information Security
Share:

0 comments:

Post a Comment

:) :)) ;(( :-) =)) ;( ;-( :d :-d @-) :p :o :>) (o) [-( :-? (p) :-s (m) 8-) :-t :-b b-( :-# =p~ $-) (b) (f) x-) (k) (h) (c) cheer
Click to see the code!
To insert emoticon you must added at least one space before the code.

Subscribe to: Post Comments (Atom)
This is Your First Visit on This Website. Welcome!
 
TOP