Search the Community
Showing results for tags 'sql injection'.
-
<?php if(isset($_POST['submit'])){ $uname = $_POST['username']; $pword = $_POST['password']; /*** mysql hostname ***/ $hostname = 'localhost'; /*** mysql username ***/ $username = 'root'; /*** mysql password ***/ $password = 'anty90'; try { $link = new PDO("mysql:host=$hostname;dbname=gamb...
- 15 replies
-
- sql injection
- database
-
(and 3 more)
Tagged with:
-
I am having a wamp issue so I can't try these out right now. According to the book I'm learning php with, I can easily avoid injection attacks this way: $a= stripslashes($a); $a= mysql_real_escape_string($a); What concerns me is the repetition of the variable, $a. Does it matter? Intuit...
- 8 replies
-
- sql injection
- mysql_real_escape_string()
-
(and 1 more)
Tagged with:
-
I was wondering what most of you guys use to prevent against SQL injection? This is what I am currently using. function transform_HTML($string, $length = NULL){ $string = trim($string); $string = utf8_decode($string); $string = htmlentities($string, ENT_NOQUOTES); $string = str_replace("\"", "...
- 3 replies
-
- sql injection
- login
-
(and 1 more)
Tagged with:
-
Greetings <? mysql_connect("xxx","xxx","xxx"); mysql_select_db("name"); if (!isset($_POST['submit'])) { print "<h1>"; print "Welcome"; print "</h1>"; print "<br><br><br>"; echo "<center>"; print "<form action=\"\" method=\"POST\">"; print "<input name=\"dgt\" id=\"Join\" style=\"width:400px\" type...
- 14 replies
-
- sql
- sqlinjection
-
(and 3 more)
Tagged with:
-
Hi all, I am new to this, so please be gentle . I have just taken over a website and moved to new server and it has thrown up a couple of errors, most of which I've sorted other than this one: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server versi...
- 29 replies
-
- sql injection
- mysql server version
-
(and 1 more)
Tagged with:
-
as the title suggests, what steps do i need to take to give a website a reasonable amount of security? i know about mysql_real_escape_string and have googled a bit regarding this topic. what else do i need to do??
-
Hi PHP Freaks, At the moment I have been researching SQL Injection Protection however most sites just tell me that mysqli::real_escape_string ( string $escapestr ) is not enough and hackers can still insert malicious actions. I don't know how else to secure it. If anyone has a pre-written script fo...
- 12 replies
-
- sql
- sql injection
-
(and 1 more)
Tagged with:
-
Would you say that this code is safe from SQL injection? If not, then why? <?php if ($_SERVER['REQUEST_METHOD']=='POST'){ $con = mysql_connect( "###","###","###" ); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("###", $con); $n = mysql_real_escape_string($_POST['...
- 2 replies
-
- sql injection
- mysql
-
(and 1 more)
Tagged with: