Register now or log in to join your professional community.
what is the best way to handle sql injection in php and mysql?
You can use ORM like entity framework or use stored procedure for old school
One thing you could do is to use type-safe SQL parameters for data access. This is one thing I find problematic when using a language that does not use type checking and data type restrictions.
SQL injection is a technique where malicious users can inject SQL commands into an SQL statement, via web page input.
Injected SQL commands can alter SQL statement and compromise the security of a web application.