Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.

Login

Remember

Register

All Activity
Questions
Hot!
Unanswered
Tags
Users
Ask a Question
About

SQL Injection Protection

+6 votes

818 views

asked Nov 14, 2010 in Q2A Core by Frank Basti

Is the code in Q2a secure from SQL injections?

sql
mysql
security
database
hacked

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

0 votes

answered Nov 14, 2010 by gidgreen

Best answer

Yes, throughout. All parameters to SQL queries are substituted for # or $ in the queries you see in the code, and this substitution takes care of escaping.

commented Nov 14, 2010 by monk333

Could You point me / us to an article or good source about that ? Seems to be good to know about when working with foreign scripts.

commented Nov 14, 2010 by Frank Basti

http://www.tizag.com/mysqlTutorial/mysql-php-sql-injection.php

Please log in or register to add a comment.

Welcome to the Q&A site for Question2Answer.

If you have a question about Q2A, please ask here, in English.

To report a bug, please create a new issue on Github or ask a question here with the bug tag.

If you just want to try Q2A, please use the demo site.

Related questions

Prevent sql injection in q2a custom php form ?
Data not showing up after imported sql
Microsoft SQL Server Data Access
Can I use Q2A with MS-sql DB? i have a dot.net web site.
Error in CONFIGURING Question&Answer database to my MY-SQL database
Why database size becomes so large on mysql ?
Badges create table
Integration with vBulletin 3.8.x ?
Database structure differences between current and upcoming version?
Using qa_db_query_sub with a MYSQL LIKE "%abc%"

Categories

All categories
Q2A Core (11.8k)
Plugins (3.6k)
Themes (979)

Send feedback
Demo sandbox

Snow Theme by Q2A Market

Powered by Question2Answer

...