How can I prevent SQL injection in PHP

0 votes

The programme  becomes vulnerable to SQL injection if user input is added to a SQL query without change, as in the example below:

$unsafe_variable = $_POST['user_input']; 

mysql_query("INSERT INTO `table` (`column`) VALUES ('$unsafe_variable')");

This is due to the user's ability to input items like value'); DROP TABLE table;—, and the query becomes:

INSERT INTO `table` (`column`) VALUES('value'); DROP TABLE table;--')

What steps may be taken to avoid this scenario?

Jul 28, 2022 in PHP by Kithuzzz
 • 38,000 points 441 views

No answer to this question. Be the first to respond.

Your answer

Your name to display (optional):
Privacy: Your email address will only be used for sending these notifications.

Related Questions In PHP

0 votes
1 answer

How can I handle the warning of file_get_contents() function in PHP?

Hello @kartik, This is fairly simple: if (!$data = ...READ MORE

answered Apr 7, 2020 in PHP by Niroj
 • 82,840 points 11,179 views
0 votes
1 answer

How can I connect to a Tor hidden service using CURL in PHP?

Hello @kartik, I use Privoxy and cURL to scrape Tor ...READ MORE

answered May 19, 2020 in PHP by Niroj
 • 82,840 points 5,319 views
0 votes
1 answer

How can I do an UPDATE statement with JOIN in SQL Server?

Hello @kartik, This should work in SQL Server: update ...READ MORE

answered Jul 21, 2020 in PHP by Niroj
 • 82,840 points 975 views
0 votes
1 answer

How can I compare two dates in PHP?

Hello @kartik, If all your dates are posterior ...READ MORE

answered Aug 27, 2020 in PHP by Niroj
 • 82,840 points 1,574 views
0 votes
1 answer

How can I upload Multiple file in php?

Hello @kartik, Multiple files can be selected and ...READ MORE

answered Aug 27, 2020 in PHP by Niroj
 • 82,840 points 807 views
0 votes
1 answer

How can I get useful error messages in PHP?

Hello @kartik, The following enables all errors: ini_set('display_startup_errors', 1); ini_set('display_errors', ...READ MORE

answered Sep 16, 2020 in PHP by Niroj
 • 82,840 points 581 views
0 votes
0 answers

Creating a search form in PHP [duplicate]

I am working on a function where ...READ MORE

Jun 9, 2022 in PHP by Kichu
 • 19,040 points 415 views
0 votes
0 answers

How to delete image form folder and database

With the code below, I'm displaying data ...READ MORE

Jul 26, 2022 in PHP by Kithuzzz
 • 38,000 points 1,338 views
0 votes
0 answers

How to fetch specific data from MySQL database to my PHP table?

I want to get data from the ...READ MORE

Jul 28, 2022 in PHP by Kithuzzz
 • 38,000 points 3,284 views
0 votes
0 answers

php records navigation

Code: <?php $host='localhost'; $user='root'; $password='root'; $database='database'; $startindex=@$_REQUEST['seek']; $db=mysql_connect($host, ...READ MORE

Aug 8, 2022 in PHP by Kithuzzz
 • 38,000 points 484 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.