Prevent SQL Injection on Codeigniter

Question

davy_yg 2 Posting Whiz

5 Years Ago

Hello,

I am trying to prevent SQL Injection on Codeigniter. I am reading this link:

https://www.roytuts.com/prevent-sql-injection-in-codeigniter/

I do not understand what is the purpose of Escaping Queries, Query Binding and Active Record.

Thanks in advance.

codeigniter sql-injection

2 Contributors
2 Replies
489 Views
7 Hours Discussion Span
Latest Post 5 Years Ago Latest Post by davy_yg

All 2 Replies

pty 882 Posting Pro

5 Years Ago

https://stackoverflow.com/questions/10646142/what-does-it-mean-to-escape-a-string

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

davy_yg 2 Posting Whiz · Answer 1 · 2018-07-09T15:09:20+00:00

Also What is PHP - PDO ?

I wonder why in the Query Parameterization it mentions:

https://www.owasp.org/index.php/Query_Parameterization_Cheat_Sheet

PHP - PDO ?

I thought PDO is only for the first query connections - is that true?

Such as in: https://www.w3schools.com/php/php_mysql_prepared_statements.asp

Prevent SQL Injection on Codeigniter

Recommended Answers Collapse Answers

All 2 Replies

Recommended Answers