When People are trying to insert an sql inection, that time mysql errors displays the table name with the column names, how can I turn off this, My site is built in MVC framework,
and this is how developers have queried the database,
$offset=0; if(isset( $_GET['offset'])) $offset=$_GET['offset']; $array_list=$DB->q("select *,users.user_list_id from users left join list_api on users.user_list_id=list_api.api_id $like order by `user_id` DESC limit $offset,". $PerPage ); $view="views/a_list_users.html";
and I cant put @ to disable query, how do i handle this?