1. What is the best practice for running MySQL queries in PHP? Consider the risk of SQL injection.

Answer» Use PDO prepared statements and parameterized queries, for example:

    // Read the untrusted value; it is never concatenated into the SQL text.
    $input = $_POST["user-input"];
    // :input is left unquoted so PDO treats it as a bound parameter, not a string literal.
    $stmt = $pdo->prepare('INSERT INTO `table` (`column`) VALUES (:input)');
    $stmt->execute(array(':input' => $input));