Prevent SQL Injection on Codeigniter

Question

davy_yg 2 Posting Whiz

6 Years Ago

Hello,

I am trying to prevent SQL Injection on Codeigniter. I am reading this link:

https://www.roytuts.com/prevent-sql-injection-in-codeigniter/

I do not understand what is the purpose of Escaping Queries, Query Binding and Active Record.

Thanks in advance.

codeigniter sql

2 Contributors
2 Replies
495 Views
7 Hours Discussion Span
Latest Post 6 Years Ago Latest Post by davy_yg

pty 882 Posting Pro

6 Years Ago

https://stackoverflow.com/questions/10646142/what-does-it-mean-to-escape-a-string

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

davy_yg 2 Posting Whiz · Answer 1 · 2018-07-09T15:09:20+00:00

Also What is PHP - PDO ?

I wonder why in the Query Parameterization it mentions:

https://www.owasp.org/index.php/Query_Parameterization_Cheat_Sheet

PHP - PDO ?

I thought PDO is only for the first query connections - is that true?

Such as in: https://www.w3schools.com/php/php_mysql_prepared_statements.asp