All Questions
Tagged with sql-injection security
24 questions
0 votes, 1 answer, 786 views
Receiving an XSS Injection: <script>alert('xssvuln');</script>
I would very much appreciate it if someone could review the php script below for any security risks.
I have a live website using shared hosting. There's a page that accepts text submissions from users....
3 votes, 1 answer, 717 views
Sanitizing user form input in php
Security threats in mind:
SQL Injections!!! --- Solutions: Prepared Statements (PDO) and including
$bpdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); in ...
12 votes, 1 answer, 317 views
Safe dynamic SQL for generic search
Prompted by discussion about SQL injection, I wanted to put a proof of concept forward to get feedback about whether this is in fact safe and protected against SQL injection or other malicious use. ...
3 votes, 2 answers, 332 views
Database Model Security For Book Inventory
This code is one of the models developed for the Book Inventory application that is open for review. It is also based on a comment on this answer to a C# question. Based on the comment I did some ...
1 vote, 1 answer, 155 views
Prepared statements in PHP
I just heard of prepared statements in PHP and decided to prevent SQL injection with them and wrote a script testing it.
I would like to know what security threats this script can prevent, what security ...
-1 votes, 1 answer, 158 views
Searching for topic categories using mysqli [closed]
Is this code safe from injection, XSS and whole other attacks or no?
The code below is for the search box:
...
2 votes, 1 answer, 327 views
Registering users bank account and logging in securely
I wrote a PHP script to register a user's bank account and I've tried to make the login as secure as possible, but I wonder if there are any flaws and if it's free from XSS attacks and SQL injection ...
5 votes, 2 answers, 3k views
Inserting a record into MySQL with a timestamp
I'm starting with PHP so I can save data to a MySQL database. I read a lot and it seems the "escape" strings is not so safe.
This is my code:
...
1 vote, 2 answers, 160 views
Security concern for SQL Injections/XSS
This question is everywhere, and I looked at many answers. A lot suggest using mysql_real_escape_string but that isn't an option, since it's deprecated now.
...
0 votes, 1 answer, 153 views
Improving PHP Security of Login
One of my GitHub issues is below. I am having some problems with my security; is there anything that I should or need to improve? Here is an example of code that I use, but throughout the script there ...
3 votes, 2 answers, 143 views
Read and display data from MySQL table
Is there any security threat here?
...
6 votes, 1 answer, 401 views
mysql_safe_query()
I have been thinking of a SQL-injection-free implementation in dynamic languages. Here's what I came up with. All the code was written just for fun and learning purposes.
I would like to share it and ...
2 votes, 3 answers, 5k views
A very secure procedural MySQLI login script against injections
I know there are other ways to create a login script like Object Oriented, Prepared Statements and PDO, but how about those old MySQL PHP users like me trying to change from old style to the new ways? ...
5 votes, 1 answer, 933 views
For a login portal, what security measures are needed to prevent unauthorized access?
I'm designing a login portal that has one angularjs page that displays/processes data queried from a database. I'm relying on a few php pages (a loginpage.php [verifies credentials/loads session ...
7 votes, 2 answers, 1k views
Preventing SQL injection by converting all characters to their ASCII values
In order to prevent SQL injection, I'm converting every character of a string to be inserted in the database into its ASCII value before performing the query. In order to read the value of the string ...