SQL INJECTION & PREVENTION IN PHP MYSQL

[{"selector":"#anim-b7dc6034-7ee2-4f7f-8f2d-3f2d02eb0a02","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-6877a18c-e30c-4df3-8a17-206da3fa5a69","keyframes":{"transform":["translate3d(0px, 137.48537%, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-ce2e5d77-b065-44a6-9dee-d80dab9ed7da","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-4ce5f12d-6225-431c-b080-c3c38659dbf3","keyframes":{"transform":["translate3d(0px, -1346.3493%, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-c4995dce-afaa-4316-887b-aff7f9b2b1cf","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-1f518f85-bdbf-493d-aa08-9c0f8994b3c1","keyframes":{"transform":["translate3d(0px, 290.74071%, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] PHP MYSQL (a quick example)

DUMMY DATABASE

[{"selector":"#anim-e1b4f41a-3abd-49f7-9897-4f5868186bf6","keyframes":{"transform":["rotate(-540deg) scale(0.1)","none"],"opacity":[0,1]},"delay":0,"duration":600,"fill":"both","iterations":1}] ID | Primary key. NAME | Name. STATUS | 1 for active, 0 for hidden.

SQL INJECTION (A)

[{"selector":"#anim-181671e7-7aa1-4e7f-8778-1770f289de33","keyframes":{"opacity":[0,1]},"delay":50,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-13b1a416-3a94-4117-9857-ef09565742c3","keyframes":{"transform":["translate3d(-119%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":50,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-ac6ec30b-4992-43ef-aeaf-8059bd5e1c94","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-51bfcc91-c9df-41f0-8d88-5379e801f95c","keyframes":{"transform":["translate3d(-118.66666%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] CONNECT TO DATABASE $pdo = new PDO("mysql:host=HOST; charset=utf8mb4;dbname=NAME", USER, PASSWORD); USER ENTERS SEARCH TERM $_POST["search"] = ‘ " OR 1=1 OR `name` LIKE " ’;

SQL INJECTION (B)

[{"selector":"#anim-bc92f497-add7-45d4-9252-61b4327d64db","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-3589deb0-6f1f-45e8-9a2a-f65d19325f37","keyframes":{"transform":["translate3d(118.66668%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-d8e1ae84-957d-4e18-970e-8666a3ce1874","keyframes":{"opacity":[0,1]},"delay":50,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-e3f5bda8-776f-4070-ab57-7688c071f9b4","keyframes":{"transform":["translate3d(119.00001%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":50,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] SEARCH DATABASE $stmt = $pdo->prepare("SELECT * FROM `TABLE` WHERE `status`=1 AND `name` LIKE \"%".$_POST["search"]."%\" "); $stmt->execute(); $results = $stmt->fetchAll(); OUTPUT ALL BECAUSE SQL BECAME SELECT * FROM `TABLE` WHERE `status`=1 AND `name` LIKE "%" OR 1=1 OR `name` LIKE "%"

PREVENT INJECTION

[{"selector":"#anim-8fa51f05-6076-440d-8973-680d8a76b1ef","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-052496d0-0ac5-4a7f-a5c9-19e03cbcd79f","keyframes":{"transform":["translate3d(-118.66666%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-09e31b63-b95c-420b-b6b3-8220ac4d3de1","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-4bd76e45-47a0-4264-ad97-5abb96205e7a","keyframes":{"transform":["translate3d(118.66668%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-28805268-8789-4d4e-9daf-8c16d56cbb14","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-ca105481-f851-4b18-9155-158417df7199","keyframes":{"transform":["translate3d(0px, 446.29631%, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] CHANGE VALUES INTO ? $stmt = $pdo->prepare( "SELECT * FROM `TABLE` WHERE `status`=1 AND `name` LIKE ? "); FEED DATA INTO EXECUTE() $stmt->execute ( ["%".$_POST["search"]."%" ] ); GET RESULTS $results = $stmt->fetchAll();

VISIT & FOLLOW

[{"selector":"#anim-6a1ce308-2572-4eb3-b791-98c9ef21c6de","keyframes":{"opacity":[0,1]},"delay":2000,"duration":1000,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"both"}] [{"selector":"#anim-70638e44-1173-4921-bd7b-7d0063faa1ef","keyframes":{"opacity":[0,1]},"delay":2000,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-21e10831-df25-43b7-9ce9-99bffc419bae","keyframes":{"transform":["translate3d(-128.43511%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":2000,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-35d7322e-a0fa-4a2e-85d2-8dc3f4fdfd9c","keyframes":{"opacity":[0,1]},"delay":2400,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-389ce26f-3b8f-4403-a67f-a72cdbcc890c","keyframes":{"transform":["translate3d(-151.73267%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":2400,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-d55f86e7-c421-43ca-8459-7eac1e45991d","keyframes":{"opacity":[0,1]},"delay":2600,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-5927acc7-56bc-47f2-9d5b-eda077d1218a","keyframes":{"transform":["translate3d(-151.23154%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":2600,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-51fa1b32-0e3f-4d6d-bfb5-e5b73d4cee28","keyframes":{"opacity":[0,1]},"delay":2200,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-cd8d4442-9716-44f9-a31c-7a15026ab375","keyframes":{"transform":["translate3d(-170.88234%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":2200,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-4a9b98b5-ba0f-4b2c-8c33-92ce3e067b36 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(-9.005899657028372%, 0%) scale(1.5)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}]

SQL INJECTION & PREVENTION IN PHP MYSQL

DUMMY DATABASE

01

SQL INJECTION (A)

02

SQL INJECTION (B)

03

PREVENT INJECTION

04

VISIT & FOLLOW

CODE BOXX YOUTUBE

CODE BOXX PINTEREST

FULL TUTORIAL