DEV Community

Cover image for SQL Injection!!!
amirhossein
amirhossein

Posted on

SQL Injection!!!

Hi guys . How to protect yourself from SQL Injection?
Specially Inputs???
I know i can google it but i think experiences are more useful.

Top comments (4)

Collapse
 
molleer profile image
David Möller

Prepared statements has pretty much solved this problem

Collapse
 
amirdev profile image
amirhossein

Preparing and then binding parameters? Yes and also you can use addslashes method in PHP it gives a backslash before characters and this protects you from SQL Injection ...

Collapse
 
vlasales profile image
Vlastimil Pospichal • Edited

addslashes don't prevent SQL injection.

php.net/manual/en/function.addslas...
The addslashes() is sometimes incorrectly used to try to prevent SQL Injection. Instead, database-specific escaping functions and/or prepared statements should be used.

Collapse
 
peledzohar profile image
Zohar Peled
peledzohar image

Why is SQL injection still a thing?

Zohar Peled ・ Jul 16 ・ 1 min read

#sql #database #csharp #dotnet

Read next

steeve profile image

Create a Private Email API for Free

Steeve -

gloriasilver profile image

Document Object Model

Tejuosho Gloria -

ashleysmith2 profile image

Accessibility Breakdown

Ashley Smith -

islomali99 profile image

Afifmetik operatorlar | C++

islomAli99 -