A} SQL Injection Prevention:
SQL injection is an attack on a database query. Generally, we use the mysql_real_escape_string() function to prevent SQL injection. CodeIgniter provides built-in functions and libraries to prevent it.
Here are a few ways to stop SQL injection in CodeIgniter.
Escaping Queries:
<?php
// escape() quotes the value and escapes special characters in it
$username = $this->input->post('username');
$query = 'SELECT * FROM user_master WHERE user_name = ' .
    $this->db->escape($username);
$this->db->query($query);
?>
Query Binding:
<?php
// Each ? placeholder is replaced, in order, by an escaped value from the array
$sql = "SELECT * FROM user_master WHERE id = ? AND status = ? AND username = ?";
$this->db->query($sql, array(1, 'active', 'Aviance'));
?>
Active Record Class:
<?php
// Values passed to get_where() are escaped by the query builder
$this->db->get_where('user_master', array(
    'status' => 'active', 'email' => 'info@avianceschool.com'));
?>
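The three techniques above protect values only; a column name or sort direction taken from the request cannot be bound with ? and has to be checked against a fixed list. The model below is an added example, not code from the original page: it assumes CodeIgniter 3, and the class name User_model, its method names, and the 50-row limit are hypothetical, while the table and column names are the ones used in the snippets above.

```php
<?php
defined('BASEPATH') OR exit('No direct script access allowed');

// Added example: hypothetical model, CodeIgniter 3 assumed.
class User_model extends CI_Model
{
    // Columns a caller may sort by. Identifiers cannot be bound with "?",
    // so they are matched against this fixed list instead of being escaped.
    private $sortable = array('user_name', 'email', 'status');

    public function __construct()
    {
        parent::__construct();
        $this->load->database();
    }

    // Exact-match lookup with query binding: each "?" is filled with an
    // escaped, quoted value, so the input never becomes SQL syntax.
    public function find_by_username($username)
    {
        if (!is_string($username)) {
            return NULL;                    // e.g. username[]=x arrives as an array
        }
        $sql = 'SELECT * FROM user_master WHERE user_name = ? AND status = ?';
        return $this->db->query($sql, array($username, 'active'))->row_array();
    }

    // Search with a LIKE term and a caller-chosen sort column.
    public function search($term, $sort = 'user_name', $direction = 'ASC')
    {
        if (!in_array($sort, $this->sortable, TRUE)) {
            $sort = 'user_name';            // unknown identifier: use the default
        }
        $direction = (strtoupper((string) $direction) === 'DESC') ? 'DESC' : 'ASC';

        return $this->db
            ->from('user_master')
            ->where('status', 'active')          // value escaped by the builder
            ->like('user_name', (string) $term)  // also escapes % and _ in $term
            ->order_by($sort, $direction)
            ->limit(50)
            ->get()
            ->result_array();
    }
}
```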
B} Password Handling:
Many developers do not know how to handle passwords in web applications, which is presumably why attackers find it so easy to break into systems. Keep the following points in mind when handling passwords: