-
Question: What is AES encryption? Advanced Encryption Standard is a specification for the encryption of data established by the NIST (National Institute of Standards and Technology) in 2001. Question: What are different key... -
Queston: What is XMLRPC? XML-RPC is one of the protocols that use XML for messages between two server. It is used to "Remote Procedure Calls" using XML. Queston: Question: What is JSON-RPC? JSON-RPC is one of the protocols that use JSON for messages between... -
$headers = apache_request_headers(); print_r($headers); Following are the Response of apache_request_headers() Question: What is apache_request_headers()? This function fetch all HTTP request headers. Question: What format it return when success? An... -
Question: What is SQL Injection? SQL injection is a code injection technique, which is used to attack on database driven applications. In this malicious SQL statements are inserted into an database query. Question: How attackers attack... -
There are a variety of security issues that arise when using shared hosting solutions. There are three php.ini directives that remain important in a shared hosting open_basedir :Â The open_basedir directive provides the ability to limit the files that PHP can open to... -
Sanitize user-input when using in Mysql Query. You can use real_escape_string of mysqli. For Example: $mysqliObj = new mysqli("localhost", "root", "", "mydb"); $city =... -
Notice A notice is an advisory message like "You probably shouldn't be doing what you're doing" Execution of the script is not halted Example echo $undefinedVariable; Warning A warning is a message like "You are doing something wrong and it is... -
![How can I prevent SQL-injection in PHP [SOLVED]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWdNzFA6XJSWKDLCunlMUqLPuGTOMgxL6zmyyhtn8r96h7Zvg9QPilGyDWiCllqsT8D81k19K9oINlVFCyvhZEV2yI41Cd9r1oHRvJcb2LqP-j4BSpBFiK4kIEm5vEEc-E9c2iXu1rH5wG/s300/How+can+I+prevent+SQL-injection+in+PHP.png)
Following are different 3 ways to prevent from SQL Injection. 1. Using PHP inbuilt Functions. $name = mysql_real_escape_string($_POST["name"]); mysql_query("INSERT INTO users VALUES($name)"); 2. Use... -
register_globals is  PHP Setting, In which it registers the GET/POST array's elements as variables. For example, If URL is /index.php?name=php-tutorial-php, when you echo $name; It will print the value i.e php-tutorial-php (if register_globals is ON). Same... -
Session is Super global variable, that preserve certain data across multiple requests. A visitor accessing your web-site is assigned a unique id, the so-called session id. Its either stored in a cookie on the user side OR is propagated in the URL. Why its is used 1. Get... -
Now a days, we are uploading files like Profile images, Video files OR excel files in our web application. With uploading these files there are chances some user upload the .exe file (Virus) by renaming the .exe into .jpg, which can damage website. You might have added the... -
Following are few steps to Improve Ajax Performance First try to Reduce the Number of Ajax Call If same call send again, abort the previous call If ajax call is executing, and user go for another link, then cancel the previous one. Use GET Method, As its... -
A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a type of challenging-response test used in computer field to determine whether user is Human OR robot program. Captcha is used in website to confirm that your website is accessing by... -
Today, In all web application we use Ajax call to get the server data without refresh the full page. In this cases, we get required data from server without refresh the page. For Example In Registration Page, We want to validate the unique email address of user Following the Simple... -
.htaccess file is used for configuration on File Level/Directory Level and its supported by all webserver. Today all types of websites use htaccess technology. Following are Benefits of .htaccess Mange... -
Today, Cron play very vital role in our website. It reduce the lots of manual work like update the record, Caching the pages, Remove not-required data etc. Following are use of Cron Job Update Database records Copy/Move... -
It is method in which attacker create a copy of html form of another website, fill the data whatever he want to sent and submit the form. There are various ways to spoof forms, the easiest of which is to simply copy a target form and execute it from... -
In this an attacker explicitly sets the session identifier of a session for a user. Typically in PHP it's done by giving them a url like http://www.mysite.com/index.php?session_name=session_id. Once the attacker gives the url to the client, the attack is the same... -
Session Hijacking is term where attackers hold of a session identifier and is able to send requests as if they were that user. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as... -
bool openssl_private_encrypt ( string $data , string &$crypted , mixed $key [, int $padding = OPENSSL_PKCS1_PADDING ] ) Encrypts data with private key openssl_private_encrypt() encrypts data with private key and stores the result...
We are Web Technology Experts Team who provide you Important information on Web Development, Interview Questions and Answers, live project problem and their solution and online free tutorials.
PHP and mySql security issues
Subscribe to:
Posts
(
Atom
)