Raised This Month: $ Target: $400
 0% 

Preventing SQL from injection


  
 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
danielkza
AMX Mod X Plugin Approver
Join Date: May 2007
Location: São Paulo - Brasil
Old 01-08-2009 , 16:18   Re: Preventing SQL from injection
Reply With Quote #8

Quote:
Originally Posted by Lukass View Post
Try to run query:
Code:
SELECT * FROM db WHERE select='blah';
It won't work, but if we use this:
Code:
SELECT * FROM db WHERE `select`='blah';
It will work perfectly. I know i know, maybe in my query it isn't necassary, i will remove that.
Maybe because SELECT is a reserved word? You should really avoid using field names that are/resemble statements.
__________________

Community / No support through PM
danielkza is offline
 



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 09:05.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode