Protection Against SQL Injection Attacks (Rated 5)


SQL injection attacks are ways of extracting or modifying the data in your database without appropriate permissions.

These two functions can help you to make your scripts a little more secure.

First Function:
The majority of injection attacks require the use of single quotes to terminate an expression. By using a simple replace function and converting all single quotes to two single quotes, you're greatly reducing the chance of an injection attack succeeding.

Second Function:
Another way of exploiting scripts is to use certain characters and character sequences such as ;, --, select, insert and xp_. By removing these characters and character sequences from user input before we build a query, we can help reduce the chance of an injection attack even further.

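Code starts here

<?php
// First function: convert every single quote to two single quotes,
// so a quote in user input cannot terminate the string expression.
function stripQuotes($strWords)
{
    return str_replace("'", "''", $strWords);
}

// Second function: remove the listed characters and character sequences.
// Its original name is missing from this page; stripBadChars is a placeholder.
function stripBadChars($strWords)
{
    $badChars = array("select", "drop", ";", "--", "insert", "delete", "xp_");

    foreach ($badChars as $current) {
        $strWords = str_replace($current, '', $strWords);
    }

    return $strWords;
}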


Submitted by Devscripts on 30-06-2003 13:38
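
Added example, not part of the original submission: it runs the two filters above on constructed, harmless input and stores the same input through a PDO prepared statement, showing that the filters alter legitimate text while bound parameters store it unchanged and never place it in the SQL text. The in-memory SQLite database (pdo_sqlite extension), the `notes` table and the function name `stripBadChars` are assumptions made for illustration.

```php
<?php
// Added example, not from the original page. Assumes PHP with the pdo_sqlite extension.

// The page's two filters, repeated so this block runs on its own.
function stripQuotes($s)
{
    return str_replace("'", "''", $s);
}

// stripBadChars is a placeholder name for the page's second function.
function stripBadChars($s)
{
    foreach (array("select", "drop", ";", "--", "insert", "delete", "xp_") as $bad) {
        $s = str_replace($bad, '', $s);
    }
    return $s;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE notes (id INTEGER PRIMARY KEY, how TEXT, body TEXT)');

// Constructed sample input: ordinary text that contains quotes and listed words.
$samples = array(
    "O'Brien's selection; please insert before the drop-down",
    "Order #12 -- deleted by mistake",
);

$stmt = $db->prepare('INSERT INTO notes (how, body) VALUES (:how, :body)');
foreach ($samples as $input) {
    // (a) The page's approach: filter the input, then concatenate it into the SQL string.
    $filtered = stripQuotes(stripBadChars($input));
    $db->exec("INSERT INTO notes (how, body) VALUES ('filtered', '" . $filtered . "')");

    // (b) Prepared statement: the input is sent as a bound value, separate from the SQL.
    $stmt->execute(array(':how' => 'bound', ':body' => $input));
}

// Print what each approach actually stored.
foreach ($db->query('SELECT how, body FROM notes ORDER BY id') as $row) {
    printf("%-8s %s\n", $row['how'], $row['body']);
}
```

The `filtered` rows come back with words and punctuation missing, while the `bound` rows match the input exactly.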
