DEV Community

Cover image for SQL Injection!!!
amirhossein
amirhossein

Posted on

SQL Injection!!!

Hi guys . How to protect yourself from SQL Injection?
Specially Inputs???
I know i can google it but i think experiences are more useful.

Top comments (4)

Collapse
 
molleer profile image
David Möller

Prepared statements has pretty much solved this problem

Collapse
 
amirdev profile image
amirhossein

Preparing and then binding parameters? Yes and also you can use addslashes method in PHP it gives a backslash before characters and this protects you from SQL Injection ...

Collapse
 
vlasales profile image
Vlastimil Pospichal • Edited

addslashes don't prevent SQL injection.

php.net/manual/en/function.addslas...
The addslashes() is sometimes incorrectly used to try to prevent SQL Injection. Instead, database-specific escaping functions and/or prepared statements should be used.

Collapse
 
peledzohar profile image
Zohar Peled
peledzohar image

Why is SQL injection still a thing?

Zohar Peled ・ Jul 16 ・ 1 min read

#sql #database #csharp #dotnet

Read next

bestjewelersnyc profile image

Best Jewelry Shops NYC at Diamond District Block

New York City Jewelry Store -

professionalinvestor profile image

Where to Learn to Invest

ProfessionalInvestor -

markwayne profile image

What Are the Key Differences Between AWS EC2 and AWS Lambda?

markwayne -

azhar43 profile image

Cricket: A Game of Passion, Precision, and Perseverance

Azhar -