I’m currently making a website using PHP and MYSQLi. And I’ve been read a lot about SQL injection. As answered on other questions from StackExchange, 2 ways of prevent it is by using prepared statement and escaping string. Since I’m not able to do prepared statement (I’ve tried to make it based on tutorials and videos but can’t make it
Tag: security
Check users in a security group in SQL Server
In the Security/Users folder in my database, I have a bunch of security groups, include “MyApplication Users”. I need to check if I am (or another user is) in this group, but I have no idea how to query for it or where I could see this information. I tried looking in the properties, but couldn’t find anything. Any ideas?
How can I prevent SQL injection in PHP?
If user input is inserted without modification into an SQL query, then the application becomes vulnerable to SQL injection, like in the following example: $unsafe_variable = $_POST[‘user_input’]; …