Hiya all,
I am currently building a forum for a website I have made. However, one thing is bothering me. It seems that (although I dare try) if you input sql into the form fields, it would be possible to delete all my tables and run sql commands.
What can I do to prevent this??
On my registration page, all the fields have validation such that it is impossible to enter an SQL query but on a forum when the possible response can be anything I do not know what to do.
Thanks,
William
I am currently building a forum for a website I have made. However, one thing is bothering me. It seems that (although I dare try) if you input sql into the form fields, it would be possible to delete all my tables and run sql commands.
What can I do to prevent this??
On my registration page, all the fields have validation such that it is impossible to enter an SQL query but on a forum when the possible response can be anything I do not know what to do.
Thanks,
William
Comment