php sql injection prevention function code example

Example 1: How can I prevent SQL injection in PHP?

//Connect
$unsafe_variable = $_POST["user-input"];
$safe_variable = mysql_real_escape_string($unsafe_variable);

mysql_query("INSERT INTO table (column) VALUES ('" . $safe_variable . "')");
//Disconnect

Example 2: sql injection attack prevention in php

SELECT UserId, Name, Password
FROM Users WHERE UserId = 105 or 1=1;

Tags:

Php Example

Recent Posts