Common steps in avoiding sql injections 1.First step is to sanitize the inputs and never trust what comes from POST/GET : 2.Another tip is to Always use prepared statements (in ibase) or PDO that is more safe (query stays unchaged while executing the php script) and the parameters will be the only changes in the queries (feed them from […]![]()
![]()
![]()
![]()
↧