Use parameterized queries
There are basically two main methods to prevent SQL injection attacks.
Make a function like this:
<?php
// Replace single and double quotes in $str with their HTML entities.
function BlockSQLInjection($str)
{
    return str_replace(array("'", "\"", "'", '"'), array("&#39;", "&quot;", "&#39;", "&quot;"), $str);
}
?>
The str_replace() function will replace all characters in the string.
Another method is to use a prepared statement to execute SQL queries.
You can also prevent PHP SQL injection attacks by removing unused stored procedures.
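The two methods named in the answers, side by side, as an added example that is not part of the original posts: the quote-replacing function with its result concatenated into the SQL text, and a PDO prepared statement that binds the same value. The in-memory SQLite table, the sample input and the names findByConcat and findByPrepared are constructed for illustration and assume the pdo_sqlite extension is available.

```php
<?php
// Added example: constructed in-memory table, hypothetical names throughout.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");

// Quote replacement as in the function from the answer.
function BlockSQLInjection($str)
{
    return str_replace(array("'", '"'), array('&#39;', '&quot;'), $str);
}

// Constructed input for a numeric parameter; it contains no quotes,
// so the quote replacement leaves it unchanged.
$input = '1 OR 1=1';

// Method 1: filtered value concatenated into the SQL text.
// The database still parses the whole string as SQL.
function findByConcat(PDO $pdo, string $id): array
{
    $sql = 'SELECT name FROM users WHERE id = ' . BlockSQLInjection($id);
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Method 2: prepared statement. The SQL text is fixed at prepare time
// and the value is bound as data, never parsed as SQL.
function findByPrepared(PDO $pdo, string $id): array
{
    $stmt = $pdo->prepare('SELECT name FROM users WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Compare how many rows each method returns for the same input.
echo 'concatenated: ', count(findByConcat($pdo, $input)), " row(s)\n";
echo 'prepared:     ', count(findByPrepared($pdo, $input)), " row(s)\n";

// A well-formed id still works through the prepared statement.
echo 'prepared id 2: ', implode(',', findByPrepared($pdo, '2')), "\n";
```

The row counts differ because the concatenated query lets the input change the WHERE clause, while the bound value is only ever compared against the id column.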