News Feed
Jobs Feed
Sections




News Archive
Zend Developer Zone:
Security Tip Use a Database Abstraction Layer to help prevent SQL Injection
by Chris Cornutt April 11, 2007 @ 11:39:00

Matthew Weir O'Phinney has posted one of his own security tips to the Zend Developer Zone today involving the use of a database abstraction layer to help prevent SQL injections in your application.

SQL injections are a common vulnerability in web-based applications that use databases. [...] There are several methods to prevent this type of attack.

He gives three helpful hints for SQL injection prevention:

  • Use your database extension's quoting mechanism to quote values prior to executing a query
  • Use PDO's prepared statements support
  • Use a database abstraction layer (DAL), such as AdoDB, PEAR::MDB2, or Zend_Db.

0 comments voice your opinion now!
securitytip sqlinjection prevent database abstraction layer securitytip sqlinjection prevent database abstraction layer


blog comments powered by Disqus

Similar Posts

WebCheatSheet.com: Two New Tutorials - Database Export & Sending Email

Josh Adell's Blog: Path finding with Neo4j

Lorna Mitchell's Blog: Script for Database Patching at Deploy Time

PHPMaster.com: Spooky Scary PHP

WeberDev.com: PHP 101 (part 14): Going To The Polls


 Community Events











Don't see your event here?
Let us know!

development introduction zendframework2 functional opinion code composer podcast phpunit language api example release unittest testing community interview database series framework

All content copyright, 2013 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework