(1) mysql_real_escape_string -- Escape special characters in the string used in the SQL statement, taking into account the current character set of the connection. The usage method is as follows:?123$sql= "select count(*) asctr from users where username='".mysql_real_escape_string($username)."'andpassword='". mysql_real_escape_string($pw)."'limit 1";Using mysql_real_escape_string() as a wrapper around user input, you can avoid any malicious SQL injection in user input. (2) Turn on magic_quotes_gpc to prevent SQL injection. There is a setting in php.ini: magic_quotes_gpc = Off. This is turned off by default. If it is turned on, the user will automatically be
1.most complete Methods to Prevent SQL Injection
Introduction:: This article mainly introduces the most complete method to prevent SQL injection. Students who are interested in PHP tutorials can refer to it.
2.http://www.56.com/m2v/?magic=1 Advanced PHP injection method collection page 1/2
Introduction: http://www.56.com/m2v/?magic=1: http://www.56.com/m2v/?magic=1 Highlights of Advanced PHP Injection Methods No. 1 /2 pages: '%23 ' and passWord='mypass id=-1 union select 1,1,1 id=-1 union select char(97),char(97),char(97) id=1 union select 1 ,1,1 from members id=1 union select 1,1,1 from a
3.php prevent sql injection method and example code
Introduction: PHP prevention sql injection method and example code
4.Advanced PHP injection method collection page 1/2_PHP tutorial
Introduction: Collection of advanced PHP injection methods, page 1/2. '%23 'andpassWord='mypass id=-1unionselect1,1,1 id=-1unionselectchar(97),char(97),char(97) id=1unionselect1,1,1frommembers id=1unionselect1,1,1fromadmin id=1unionselect1 ,1,1fromuser
5.PHP web page prevents SQL injection method configuration_PHP tutorial
Introduction: PHP web page Prevent SQL injection method configuration. The prerequisite is that we need to have administrative rights on the server, that is, we can modify the php.ini file. Now I will introduce how to modify the php configuration file to prevent SQL injection. Friends who need to learn can
6.Summary and analysis of PHP anti-sql injection methods_PHP tutorial
Introduction: Summary and analysis of PHP anti-sql injection methods. SQL injection is a problem that everyone often takes into consideration in program development. Let me analyze the common SQL injection prevention codes. Friends in need can refer to it. 1. Submit data in php
7.Introduction to some methods of sql injection in php_PHP tutorial
Introduction : Understand some methods of sql injection in php. Understand some of the methods of sql injection in php. The following are all the most common sql injection methods. Friends in need can refer to them. What is injection? For example, we are querying data
8.php Detailed explanation of SQL injection prevention method (1/4)_PHP tutorial
Introduction: Detailed explanation of how to prevent SQL injection in PHP (1/4). . Injection attack when magic_quotes_gpc = off magic_quotes_gpc = off is a very unsafe option in the php tutorial. The new version of php has changed the default value to on. But there are still relevant
9.Detailed explanation about sql injection method (1/3)_PHP tutorial
Introduction : Detailed explanation about sql injection method (1/3). Due to the reasons of the php tutorial and the mysql tutorial itself, the injection of php+mysql is more difficult than the asp tutorial, especially the construction of the statements during injection. This article is mainly based on okphp bbs v1.3
10.php.ini magic_quotes_gpc configuration anti-injection method (1/5)_PHP tutorial
Introduction: php.ini magic_quotes_gpc configuration anti-injection method (1/5). PHP tutorial.ini magic_quotes_gpc configuration anti-injection method 1. The magic_quotes_gpc option in the PHP configuration file php.ini is not turned on and is set to off 2. The developer did not check the data type
[Related Q&A recommendations]:
php - What is the correct way to inject all configuration information?
phalcon - php - Dependency Injection Dependency injection and automatic loading have their own advantages and disadvantages
The above is the detailed content of Recommended 10 methods to prevent SQL injection. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
