I have written this short function to protect against my_sql injection. Because of its importance, I just want to double check with others that this will function as I inte
If you use PDO (properly) you don't have to worry about MySQL injection.
Sample:
/* Execute a prepared statement by passing an array of insert values */
$calories = 150;
$colour = 'red';
$sth = $dbh->prepare('SELECT name, colour, calories
    FROM fruit
    WHERE calories < :calories AND colour = :colour');
$sth->execute(array(':calories' => $calories, ':colour' => $colour));
More information
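An added example, not part of the original answer, of what using PDO "properly" can look like in practice: values are bound as parameters, and the one thing that cannot be bound (a column name for sorting) is picked from an allowlist. The in-memory SQLite table, the sample rows and the findFruit() helper are assumptions made so the script runs on its own.

```php
<?php
// Constructed in-memory SQLite database standing in for the answer's `fruit` table.
// With the MySQL driver, also set PDO::ATTR_EMULATE_PREPARES to false so the
// server receives the SQL text and the values separately.
$dbh = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);
$dbh->exec('CREATE TABLE fruit (name TEXT, colour TEXT, calories INTEGER)');
$dbh->exec("INSERT INTO fruit VALUES
    ('apple', 'red', 95), ('cherry', 'red', 50), ('banana', 'yellow', 105)");

// Hypothetical helper: user-supplied values are bound, never concatenated.
// Identifiers cannot be bound, so the sort column must match an allowlist.
function findFruit(PDO $dbh, int $maxCalories, string $colour, string $orderBy = 'name'): array
{
    $allowed = ['name', 'colour', 'calories'];
    if (!in_array($orderBy, $allowed, true)) {
        throw new InvalidArgumentException('Unsupported sort column');
    }
    $sth = $dbh->prepare(
        "SELECT name, colour, calories
         FROM fruit
         WHERE calories < :calories AND colour = :colour
         ORDER BY $orderBy"
    );
    $sth->bindValue(':calories', $maxCalories, PDO::PARAM_INT);
    $sth->bindValue(':colour', $colour, PDO::PARAM_STR);
    $sth->execute();
    return $sth->fetchAll(PDO::FETCH_ASSOC);
}

// Ordinary input.
print_r(findFruit($dbh, 150, 'red', 'calories'));

// Constructed hostile value: it is compared literally against the colour column,
// so the quote characters never become part of the SQL statement.
print_r(findFruit($dbh, 150, "red' OR '1'='1"));

// A sort column outside the allowlist is refused instead of being interpolated.
try {
    findFruit($dbh, 150, 'red', 'name; DROP TABLE fruit');
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), "\n";
}
```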