bugzy Posted July 21, 2012 Share Posted July 21, 2012 Newbie question.. Right now I only have mysql_real_escape_string to my update and delete statements I wonder if select statement is still prone to a sql attack? For example like this.. Select * from table_sample It isn't part of the form. How would I able to secure it? Link to comment https://forums.phpfreaks.com/topic/266054-mysql-select-security-question/ Share on other sites More sharing options...
fenway Posted July 21, 2012 Share Posted July 21, 2012 Any query that doesn't accept user input isn't prone to sql injection attacks -- there's nothing to inject. Link to comment https://forums.phpfreaks.com/topic/266054-mysql-select-security-question/#findComment-1363340 Share on other sites More sharing options...
bugzy Posted July 21, 2012 Author Share Posted July 21, 2012 Thanks fenway.. Link to comment https://forums.phpfreaks.com/topic/266054-mysql-select-security-question/#findComment-1363350 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.