更新时间:2023-02-05 22:20:00
使用带参数的存储过程
XKCD [ ^ ]。
在安全方面你不能仅仅在1个机制上进行中继你应该有更多,如果入侵者打破你有一个第二个准备好。
以下链接将帮助您开发一些针对SQL注入的良好安全性。
使用PHP防止SQL注入 [ ^ ]
SQL注入攻击以及如何防止它们的一些提示 [ ^ ]
在PHP中停止SQL注入的***方法 [ ^ ]
Hi guys... i was just wondering what will be the best approach to prevent SQL Injection? Some suggested to use addslashes and some suggested to use mysql_real_escape_string() now i just want to know what is the best function to use?
use stored procedures with parameters
XKCD[^].
In security u can not relay on only 1 mechanism u should have more so if intruder break one u have second ready.
The following link will help u to develop some good security against SQL Injection.
Preventing SQL Injection with PHP[^]
SQL Injection Attacks and Some Tips on How to Prevent Them[^]
Best way to stop SQL Injection in PHP[^]