Is This Strong Enough To Prevent SQL Injection? - Webmasters - Nairaland


Is This Strong Enough To Prevent SQL Injection? by Raylight2(m): 5:56pm On Aug 18, 2015
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

1 Like

Re: Is This Strong Enough To Prevent SQL Injection? by IamGodzilla: 5:58pm On Aug 18, 2015
Raylight2:
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
Use MySQLi ;)
Re: Is This Strong Enough To Prevent SQL Injection? by 0luwatope(m): 10:18am On Aug 19, 2015
I am a novice and I use cleanvalues... Am I safe?
Re: Is This Strong Enough To Prevent SQL Injection? by dwebdesign(m): 7:20pm On Aug 19, 2015
You should upgrade to using mysqlite, same as MySQLi,
but if you insist, stripslashes and base64 encoding are secure enough methods for the database.

For passwords, also use a salt value; attach it to the submitted data before it is sent to the database.

1 Like

Re: Is This Strong Enough To Prevent SQL Injection? by micodon(m): 10:23pm On Aug 19, 2015
Raylight2:
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

1. Use prepared statements with PDO. It takes care of query filtering.
2. Encrypt your passwords with BCRYPT. It's probably the safest popular encryption algo out there. With it, there's no need for using a salt.

2 Likes
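
The PDO and bcrypt advice in the reply above, worked through as an added example that is not part of the original thread. The `users` table, the `register()` and `login()` helpers and the sample inputs are constructed for illustration, and an in-memory SQLite database stands in for MySQL so the script runs offline.

```php
<?php
// Added example: constructed schema and data, in-memory SQLite so it runs offline.
// With MySQL only the DSN changes (and set PDO::ATTR_EMULATE_PREPARES to false).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');

function register(PDO $pdo, string $username, string $password): void
{
    // password_hash() generates a random salt and stores it inside the hash string.
    $hash = password_hash($password, PASSWORD_BCRYPT);
    $stmt = $pdo->prepare('INSERT INTO users (username, password_hash) VALUES (:u, :h)');
    $stmt->execute([':u' => $username, ':h' => $hash]);
}

function login(PDO $pdo, string $username, string $password): bool
{
    // The input is bound as data; it never becomes part of the SQL text,
    // so no stripslashes() or escaping step is needed.
    $stmt = $pdo->prepare('SELECT password_hash FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $hash = $stmt->fetchColumn();
    // fetchColumn() returns false when no row matched.
    return is_string($hash) && password_verify($password, $hash);
}

register($pdo, 'raylight', 'correct horse battery'); // constructed sample account

// Constructed inputs, including usernames that carry quote characters.
$attempts = [
    ['raylight', 'correct horse battery'],
    ['raylight', 'wrong password'],
    ["' OR '1'='1", 'anything'],
    ["raylight' --", 'anything'],
];
foreach ($attempts as [$u, $p]) {
    printf("%-16s %s\n", $u, login($pdo, $u, $p) ? 'accepted' : 'rejected');
}
```

Only the first attempt is accepted; the quote-bearing usernames are looked up as literal strings and match no row.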

Re: Is This Strong Enough To Prevent SQL Injection? by Raylight2(m): 7:44am On Aug 20, 2015
Thank you all for your comments. I'll apply them.
