Posts Tagged ‘injection’

MySQL injection in latest version of MySQL and PHP?

I use MySQL version 5.0.18 and PHP version 5.1.1.
Do these products still contain MySQL injection risk? I have tried to write some SQL injection in the form, but it did work. So, does this mean it is not necessary for me to use the function mysql_escape_string() for every form submitted by users?

PHP Security and SQL Injection?

I understand that if I put up a password dialog in my PHP / MySQL website, I open the site up to security hazards like SQL injection, in which a skillful vandal could actually change a great deal of data or erase data in my MySQL database.

How can you secure a website that uses PHP / MySQL?
————–
Thanks to everyone for all of the answers.

Do I understand correctly that I should call the following function on all input before making it a part of my SQL query and that this function will take care of any SQL injection problems?

mysql_real_escape_string()

Is calling this function on all user input all that I need to do?

http://uk3.php.net/mysql_real_escape_string

PHP Tutorials: SQL Injection (Part 1)

Learn what SQL injection is and how to get access to an account without a password.
