SQL INJECTION & PREVENTION IN PHP MYSQL

[{"selector":"#anim-09dcf64a-455a-4d54-ac37-7fc9fc1dbdfc","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-15a9912c-682c-44a3-a1fa-faf61ac2f379","keyframes":{"transform":["translate3d(0px, 137.48537%, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-475ea47b-0014-4919-a438-ada98d0aca93","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-e6696b62-c3dd-4ed2-9afa-0eeb527567ef","keyframes":{"transform":["translate3d(0px, -1346.3493%, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-0d6a3c0a-f03b-4963-9935-c0db50b408fd","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-33e35540-c28a-4fde-9bf8-80173c4af28a","keyframes":{"transform":["translate3d(0px, 290.74071%, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] PHP MYSQL (a quick example)

DUMMY DATABASE

[{"selector":"#anim-a3c0acb8-8a90-411c-add7-b64d3547efc8","keyframes":{"transform":["rotate(-540deg) scale(0.1)","none"],"opacity":[0,1]},"delay":0,"duration":600,"fill":"both","iterations":1}] ID | Primary key. NAME | Name. STATUS | 1 for active, 0 for hidden.

SQL INJECTION (A)

[{"selector":"#anim-65af0c5f-643e-4c45-8390-94aae100d8d9","keyframes":{"opacity":[0,1]},"delay":50,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-50cd9d90-46a5-46d9-a779-75940307b8c9","keyframes":{"transform":["translate3d(-119%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":50,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-d3e9eeaa-d0e3-42b5-9f33-78dab432709e","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-46bef2c8-e5f7-4f36-922f-45efe7d6e405","keyframes":{"transform":["translate3d(-118.66666%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] CONNECT TO DATABASE $pdo = new PDO("mysql:host=HOST; charset=utf8mb4;dbname=NAME", USER, PASSWORD); USER ENTERS SEARCH TERM $_POST["search"] = ‘ " OR 1=1 OR `name` LIKE " ’;

SQL INJECTION (B)

[{"selector":"#anim-5f6eb7f7-cda3-47ac-8547-d6479d850b08","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-54de0b38-7d2a-48ba-bfd2-b7ab1d63d6e7","keyframes":{"transform":["translate3d(118.66668%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-7a78d42f-2cc5-4d0c-9986-6a8866423e60","keyframes":{"opacity":[0,1]},"delay":50,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-bbc7cefc-f791-455a-a75d-b0f10b93c7f6","keyframes":{"transform":["translate3d(119.00001%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":50,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] SEARCH DATABASE $stmt = $pdo->prepare("SELECT * FROM `TABLE` WHERE `status`=1 AND `name` LIKE \"%".$_POST["search"]."%\" "); $stmt->execute(); $results = $stmt->fetchAll(); OUTPUT ALL BECAUSE SQL BECAME SELECT * FROM `TABLE` WHERE `status`=1 AND `name` LIKE "%" OR 1=1 OR `name` LIKE "%"

PREVENT INJECTION

[{"selector":"#anim-bb21d3bf-1d44-4266-b494-0081bc9f873a","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-1b8447f5-9625-4c60-9f7d-60a2edd89e10","keyframes":{"transform":["translate3d(-118.66666%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-ae6f9594-09ce-487d-a352-9bddea58454c","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-32241e32-e9c8-4296-aeac-460e27390bd3","keyframes":{"transform":["translate3d(118.66668%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-37a98bb7-7543-42ac-98e0-56bbd45f4cb9","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-be24ec96-9984-4dcf-a54a-15029a36a85b","keyframes":{"transform":["translate3d(0px, 446.29631%, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] CHANGE VALUES INTO ? $stmt = $pdo->prepare( "SELECT * FROM `TABLE` WHERE `status`=1 AND `name` LIKE ? "); FEED DATA INTO EXECUTE() $stmt->execute ( ["%".$_POST["search"]."%" ] ); GET RESULTS $results = $stmt->fetchAll();

VISIT & FOLLOW

[{"selector":"#anim-b2e9e882-2c10-4bb0-82e7-b8a0b63f8bc4","keyframes":{"opacity":[0,1]},"delay":2000,"duration":1000,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"both"}] [{"selector":"#anim-16fa841c-c8ae-4f00-8aa8-30df0cafa358","keyframes":{"opacity":[0,1]},"delay":2000,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-ddf07536-cf41-45fc-9945-0b07273ae375","keyframes":{"transform":["translate3d(-128.43511%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":2000,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-46d049a0-dfe9-49c9-b052-85ba9a8e46e3","keyframes":{"opacity":[0,1]},"delay":2400,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-5592dcd9-2ab2-4b4f-9b30-4cc741848c94","keyframes":{"transform":["translate3d(-151.73267%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":2400,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-e9b83690-be13-421a-b4ed-1737ba686b36","keyframes":{"opacity":[0,1]},"delay":2600,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-031c519d-b06d-43a2-aaa2-7662e57fc49a","keyframes":{"transform":["translate3d(-151.23154%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":2600,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-92fee36e-8c37-473b-8255-64fb9496771a","keyframes":{"opacity":[0,1]},"delay":2200,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-d5f9eaaa-fe71-4be9-9e47-7d1f3cc83cb3","keyframes":{"transform":["translate3d(-170.88234%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":2200,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-d0210248-a48f-407e-ab2c-f850de05291e [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(-7.493271404989649%, 0%) scale(1.5)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}]

SQL INJECTION & PREVENTION IN PHP MYSQL

DUMMY DATABASE

01

SQL INJECTION (A)

02

SQL INJECTION (B)

03

PREVENT INJECTION

04

VISIT & FOLLOW

CODE BOXX YOUTUBE

CODE BOXX PINTEREST

FULL TUTORIAL