How to protect against sql injection without oops in php?

D

david25552018-04-26 15:34:59

PHP

david2555, 2018-04-26 15:34:59

Hello, I need to know how to protect against sql injection without oops. I don't know oops. I read early forums and articles - everyone writes different things, one is only oop safe, one is mysqli_real_escape_string. I don't know who is true and who is not. Please write to me how you can protect yourself from OOP without any php frameworks.

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

D

Dymok, 2018-04-26
@UnluckySerivelha

PDO and prepared expressions, more details - https://habr.com/post/148701/

A

alexalexes, 2018-04-26
@alexalexes

And what about the fear of OOP?
The documentation describes how to attach parameters to a request in both the object-oriented and procedural style. You can implement communication with the DBMS in either style, if we are talking about MySQl.
php.net/manual/ru/mysqli-stmt.bind-param.php
PS: You're just afraid to learn the documentation, try different implementation examples. That's all.

C

Codebaker, 2018-04-26
@Codebaker

Read carefully and understand how PDO works and google about prepared queries.

Y

Yan-s, 2018-04-26
@Yan-s

I hasten to please. Knowledge of OOP is not required for this. You can just do as in numerous examples, work with PDO as a tool without going into details.
Better still, take the time to learn at least the OOP syntax in PHP. It's not hard, but it will make your life a lot easier.