Protect against SQL Injection

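There are several ways to do this. One of them is blocking the SQL commands by stripping them from the input. A filter like this is incomplete on its own, and it also alters legitimate input that happens to contain these tokens:
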
function mysqlesc($input) {
    // Remove single and double quote characters
    $input = str_ireplace('\'', '', $input);
    $input = str_ireplace('"', '', $input);
    // Remove the UNION keyword (str_ireplace is case-insensitive)
    $input = str_ireplace('UNION', '', $input);
    // Remove SQL comment markers
    $input = str_ireplace('--', '', $input);
    $input = str_ireplace('/**/', '', $input);
    $input = str_ireplace('/*', '', $input);
    return $input;
}

Another protection method is to escape the input:

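function mysqlesc($input) {
    // Escapes special characters for use inside a quoted SQL string literal.
    // Requires an open mysql connection. The mysql_* extension was removed in
    // PHP 7.0; mysqli_real_escape_string() is its replacement there.
    $input = mysql_real_escape_string($input);
    return $input;
}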
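
A third approach, shown here as an added example that is not part of the original page, is to pass the input as a bound parameter of a prepared statement, so it never has to be filtered or escaped by hand. It compares the result with the blacklist filter above on constructed sample values. It assumes PHP 7+ with the pdo_sqlite extension; the customers table and the function names are hypothetical.

```php
<?php
// Added example, not the page's own code. Assumes the pdo_sqlite extension;
// table, column and function names are hypothetical.

// The blacklist filter from the page, kept for comparison.
function mysqlesc_blacklist($input) {
    foreach (array('\'', '"', 'UNION', '--', '/**/', '/*') as $token) {
        $input = str_ireplace($token, '', $input);
    }
    return $input;
}

// Look up a value with a bound parameter: the SQL text is fixed and the
// value is passed separately instead of being concatenated into the query.
function find_customer(PDO $db, $name) {
    $stmt = $db->prepare('SELECT id, name FROM customers WHERE name = :name');
    $stmt->execute(array(':name' => $name));
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// In-memory database so the example runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)');

// Constructed sample data: legitimate values that contain blacklisted tokens.
$samples = array("O'Brien", 'Credit Union -- Main St', 'Acme "West"');
$insert = $db->prepare('INSERT INTO customers (name) VALUES (:name)');
foreach ($samples as $name) {
    $insert->execute(array(':name' => $name));
}

foreach ($samples as $name) {
    $rows = find_customer($db, $name);
    printf("input:       %s\n", $name);
    // The blacklist changes the data itself, so the stored value is lost.
    printf("blacklist:   %s\n", mysqlesc_blacklist($name));
    // The bound parameter round-trips the value unchanged.
    printf("bound param: %d row(s), stored as %s\n\n",
           count($rows), $rows[0]['name']);
}
```

With MySQL the same pattern works through PDO's mysql driver or mysqli prepared statements; only the connection line changes.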