Posts marked with "Injection" in tags

Create MySQL Injection free Secure Login System in PHP

There were a lot of people who created tutorials to create a PHP Login System. But they were all vulnerable to MySQL Injection. In this post I’m going to demonstrate a login system free of this vulnerability. It is very secure. There are mysqli and PDO in PHP to escape these injections. We are going to use **PDO ( PHP Data Object **).

UPDATE – logSys

There is a new, free, better Advanced Login System which you can check out here.

... [READ MORE]

What is SQL Injection and how to make your PHP site free from SQL Injection hacking

SQL Injection (SQLi) is a very dangerous thing that a hacker can do to your site. This happens mostly in SQL queries. Let me make you understand this in a simple way. Suppose you’re SQL query code is this:

$user=$_GET[‘user’];
$sql=mysql_query("SELECT * FROM users WHERE user='".$user."‘");

It’s a normal code. BUT it is a very easy method for hacker to easily destroy your database.
The user ID is getting from a GET request. If the file’s name (where the request is going) is user.php. The URL may be like this:

http://example.com/user.php?user=subin

... [READ MORE]

Follow/Subscribe

Telegram 

Mastodon  Twitter

GitHub GitLab

Subdomains

Demos  Lab

Past

This blog was once on WordPress. Now a static site. See source code on

GitLab