Questions tagged [sql-injection]
SQL injection is a code injection technique, used to attack data driven applications, in which malicious SQL statements are inserted into an entry field for execution.
83
questions
0
votes
1
answer
79
views
PHP login codes suggestions
Now i have a fully functional PHP codes for login and registeration i was wondering if anyone could offer improvements to the code
The code:
Config.php:
...
1
vote
1
answer
142
views
Follow up to Validation Script in PHP
So I've implemented the suggestions in Original question
And now my code looks like this:
...
-2
votes
1
answer
81
views
Preventing PHP SQL injection on login [closed]
I had a login code like this:
...
-1
votes
2
answers
140
views
My Script Inserts users into a database and hashes the password, I need to know how to prevent SQL injection with Procedural-Oriented MySQLi [closed]
My script works but I just want to know how I can protect myself from SQL injection with Procedural Oriented MySQLi. Most of the tutorials are about Object-Oriented MySQLi and I'm not familiar with it ...
0
votes
1
answer
731
views
Recieving an XSS Injection: <script>alert('xssvuln');</script>
I would very much appreciate it if someone could review the php script below for any security risks.
I have a live website using shared hosting. There's a page that accepts text submissions from users....
3
votes
1
answer
681
views
Sanitizing user form input in php
Security threats in mind:
SQL Injections!!! --- Solutions: Prepared Statements (PDO) and including
$bpdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); in ...
3
votes
3
answers
294
views
Email Validation in PHP
Is this script sufficient enough to validate user email input?
...
3
votes
1
answer
806
views
Does PDO::quote helps me to protect me against sql injection?
I have to process raw sql user input with Laravel. I've backed them up as follows:
...
2
votes
1
answer
103
views
Does this PDO process look protected from SQL injection?
Does this process look protected from SQL injection attacks?
Is there something I could possibly change to make it more protected?
...
4
votes
1
answer
53
views
Displaying a user's uploaded posts
I'm working on prepared statements for my website and I'm wondering if it's possible to have multiple prepared statements one after another. In this example, I have 2 select statements. I'm hoping ...
12
votes
1
answer
291
views
Safe dynamic SQL for generic search
Prompted by discussion about SQL injection, I wanted to put a proof of concept forward to get feedback about whether this is in fact safe and protected against SQL injection or other malicious use. ...
1
vote
1
answer
582
views
PHP MySQLi Prepared Statements: Can this select query be hacked/injected?
i want to know can this be hacked/injected?
...
3
votes
2
answers
285
views
Database Model Security For Book Inventory
This code is one of the models developed for the Book Inventory application that is open for review. It is also based on a comment on this answer to a C# question. Based on the comment I did some ...
1
vote
1
answer
87
views
PHP code for search page
Want to show you part of code that I wrote to process search request. User commit search by articles (codes) of products. The goal is to allow user write his search request to textarea element in any ...
3
votes
1
answer
2k
views
PHP code to insert phone number and IP address into a table if not already present
I am currently coding a PHP script that connects to a database and inserts a phone number and IP address if either item is not present in the table. I believe I have completed it and it is working but ...