Mysql prevents sql injection method: 1. Turn on the magic mode of php, set [magic_quotes_gpc = on]; 2. Write the code to filter sql special characters in the website code, and convert some special characters; 3. , Open the website firewall, IIS firewall, built-in parameters for filtering sql injection.
How to prevent mysql from sql injection:
1. Turn on the magic mode of php and set magic_quotes_gpc = on, when some special characters appear on the front end of the website, they will be converted automatically, and converted into some other symbols, which will cause the sql statement to fail to execute. You can also find a professional website security company to handle it. The domestic SINE Security, NSFOCUS, and Venustech are all relatively good. They carry out security reinforcement for the website, server security protection, and mysql security deployment.
2. In the website code, write the code to filter special characters in sql, and convert some special characters, such as single quotes, commas, *, (brackets) AND 1=1, backslash, select union The sql statements such as queries are all filtered for security, restricting the input of these characters, and prohibiting them from being submitted to the backend.
3. Open the website firewall, IIS firewall, apache firewall, and nginx firewall, all of which have built-in parameters for filtering sql injection.
More related free learning recommendations: mysql tutorial (video)
The above is the detailed content of how mysql prevents sql injection problems, please pay attention to 1024programmer for more .com Other related articles!
微信扫一扫打赏
支付宝扫一扫打赏
