CCNA, CCNP, MCSA, CCNA Final Exam, All Answer Test Module With 100/100

Posts

Showing posts with the label sql-injection

Best way to stop SQL Injection in PHP

So specifically in a mysql database, I understand that this is vulnerable to SQL injection . Take the following code and tell me what to do.

Are there any differences between SQL Server and MySQL when it comes to preventing SQL injection?

I am used to developing in PHP/MySQL and have no experience developing with SQL Server. I've skimmed over the PHP MSSQL documentation and it looks similar to MySQLi in some of the methods I read about. For example, with MySQL I utilize the function mysql_real_excape_string() . Is there a similar function with PHP/SQL Server? What steps do I need to take in order to protect against SQL injection with SQL Server? What are the differences between SQL Server and MySQL pertaining to SQL injection prevention? also - is this post accurate? is the escape string character for SQL Server a single quote? Source: Tips4all