How to Securely Use MySQL in a PHP Application
PHP is a powerful scripting language that allows webmasters to build dynamic content. Most webmasters combine MySQL and PHP because both are free and easy to use. However, like any web application, the integration of a second piece of software introduces security holes that webmasters may overlook. The most common of these is SQL injection: user input that is pasted into a query string and then parsed by the database server as part of the SQL.
Steps
1. Understand how PHP and MySQL interact. PHP and MySQL are two different pieces of software. PHP ships extensions (the legacy mysql extension, and the current mysqli and PDO extensions) that send query text to the MySQL server and return the results. These functions do not validate or sanitize anything: whatever string you hand them is sent to the server as SQL, so any user input inside that string is parsed as SQL. The legacy mysql_* functions were deprecated in PHP 5.5 and removed in PHP 7.0; new code should use mysqli or PDO. For more details, see the MySQL integration overview.
2. Avoid building queries from strings and calling mysql_query() or mysqli::query() on them directly. Use prepared statements with bound parameters (mysqli::prepare() or PDO::prepare()), which send the query text and the values to the server separately so a value can never change the structure of the query. If you must maintain legacy code, at least route every query through a separate function that escapes each value with mysql_real_escape_string() (or mysqli_real_escape_string()) and wraps it in quotes; note that escaping only protects quoted string literals, not unquoted numbers, identifiers such as table and column names, or LIKE wildcards.
3. Never trust user input, even if you are the only one using the application. Write your script so that it always validates input against what you expect (type, length, allowed characters) before using it, even if it is not being used in a query, and escape output for the context it is written to (SQL binding for queries, htmlspecialchars() for HTML). Doing this will give you great peace of mind while programming and using your script.
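The three steps above, as a single worked example. This is an added example, not code from the original article; it assumes a MySQL database named app containing a table users(id INT, username VARCHAR(64), email VARCHAR(255)) and the connection credentials shown in the code, all of which are placeholders to adjust for your own environment. The vulnerable function shows the string-built query the steps warn against; the hardened version validates the input and binds it as a parameter through mysqli.

```php
<?php
// Added example (not part of the original article).
// Assumptions: MySQL database "app", table users(id, username, email),
// and the placeholder credentials used for the connection below.
declare(strict_types=1);

// --- Vulnerable: the query string is built from raw request data ---------
// With $user = "' OR '1'='1" the WHERE clause becomes always-true and the
// query returns every row; with "'; DROP TABLE users; --" worse can happen.
function findUserUnsafe(mysqli $db, string $user): ?array
{
    $sql = "SELECT id, username, email FROM users WHERE username = '$user'";
    $result = $db->query($sql);            // user input is parsed as SQL
    return $result ? ($result->fetch_assoc() ?: null) : null;
}

// --- Step 3: validate input against what you expect, at the point of use --
function validateUsername(string $user): string
{
    if (!preg_match('/^[A-Za-z0-9_]{1,64}$/', $user)) {
        throw new InvalidArgumentException('invalid username');
    }
    return $user;
}

// --- Step 2: prepared statement with a bound parameter -------------------
// The SQL text is sent to the server separately from the value, so the
// value can never change the structure of the query, whatever it contains.
function findUser(mysqli $db, string $user): ?array
{
    $user = validateUsername($user);
    $stmt = $db->prepare('SELECT id, username, email FROM users WHERE username = ?');
    $stmt->bind_param('s', $user);         // 's' = bind as a string
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Connection setup: report errors as exceptions so a failed query cannot be
// silently ignored, and fix the connection charset, since both escaping and
// binding depend on it.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$db = new mysqli('localhost', 'app_user', 'app_password', 'app'); // placeholder credentials
$db->set_charset('utf8mb4');

$input = $_GET['user'] ?? '';
try {
    $row = findUser($db, $input);
    // Step 3 again, for the output context: escape for HTML, which is a
    // separate concern from binding the value into SQL.
    echo $row === null
        ? 'No such user'
        : 'Found: ' . htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8');
} catch (InvalidArgumentException $e) {
    http_response_code(400);
    echo 'Bad request';
}
```

Run it as a web script with a user parameter, for example ?user=alice. The same request against findUserUnsafe() with user=' OR '1'='1 returns the first row of the table regardless of the username; against findUser() it fails validation before any query is sent, and even a value that passed validation could only ever be compared as a string, never executed as SQL.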
Tips
- Write your own MySQL library. If you find yourself using the same functions repeatedly, consider writing a small wrapper around mysqli or PDO that always prepares the statement and binds the values, generalized enough that you can include it in any one of your scripts. This saves time on future scripts and, more importantly, makes the safe way of running a query the easy way.
Warnings
- Read the documentation! This article does not cover the latest bugs in PHP and MySQL, and the functions it mentions change between PHP versions. It should only be used as a guide.