PHP- SQL Injuction

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • somaskarthic
    New Member
    • Aug 2006
    • 60
    #1

    PHP- SQL Injuction

    Hi

    How to protect the PHP code from SQL Injuction attacks.
    Where can i found sample PHP scripts with security implementation.

    Thanks in advance
    somas
    Tags: None
    • ronverdonk
      Recognized Expert Specialist
      • Jul 2006
      • 4259
      #2
      Have a look at the Chris Shiflett course on PHP security, including MySql injection prevention: http://phpsec.org/projects/guide/

      Ronald :cool:

        Comment

        • sashi
          Recognized Expert Top Contributor
          • Jun 2006
          • 1749
          #3
          Hi Soma,

          check out the attached link.. hope it gives you some idea..

          p.s/ it's designed for ASP.. am sure with a little bit of modification it should be able to work for PHP too.. good luck my fren.. :)

          http://www.thescripts.com/forum/thread513587.html

            Comment

            • somaskarthic
              New Member
              • Aug 2006
              • 60
              #4
              Originally posted by ronverdonk
              Have a look at the Chris Shiflett course on PHP security, including MySql injection prevention: http://phpsec.org/projects/guide/

              Ronald :cool:
              Hi Ronald

              Thank u . I'll check it and come to u , if any queries

              Thanks 4 ur reply
              -somas

                Comment

                • somaskarthic
                  New Member
                  • Aug 2006
                  • 60
                  #5
                  Originally posted by sashi
                  Hi Soma,

                  check out the attached link.. hope it gives you some idea..

                  p.s/ it's designed for ASP.. am sure with a little bit of modification it should be able to work for PHP too.. good luck my fren.. :)

                  http://www.thescripts.com/forum/thread513587.html
                  Hi
                  Thank u . I'll check it and come to u , if any queries
                  Thanks 4 ur reply
                  -somas

                    Comment

                    • ronverdonk
                      Recognized Expert Specialist
                      • Jul 2006
                      • 4259
                      #6
                      When you are looking for code, there is a class "Input filter" at www.phpclasses. org, that you can use, seehttp://www.phpclasses.org/browse/package/2189.html

                      A short description:
                      This class can filter input of stray or malicious PHP, Javascript or HTML tags and to prevent cross-site scripting (XSS) attacks. It should be used to filter input supplied by the user, such as an HTML code entered in form fields.

                      I have tried to make this class as easy as possible to use. You have control over the filter process unlike other alternatives, and can input a string or an entire array to be cleaned (such as $_POST).

                      ** SQL Injection feature has been added.
                      Ronald :cool:

                        Comment

                        • iam_clint
                          Recognized Expert Top Contributor
                          • Jul 2006
                          • 1207
                          #7
                          oh by the way most people use "character escaping" if none of those links above really helped you out -- i didn't look at them myself. if you search google for php character escaping i'm sure you'll find what you need.

                            Comment

                            Previous template Next
                            Working...