PDO sanitize?

Postby Epiales » 11. May 2018 15:26

Okay, I have just started learning PDO and was curious if the below code is safe and secure? I'm used to doing the mysqli_real_escape_string, so all new to me. From what I've read online, I think it's secure, but never hurts to ask. Also, if this isn't the place, please let me know and I'll search another forum. Thank you and sorry if it's out of line.


Code:
<?php

if (isset($_POST['register']))
{
    include_once('dbconnection.php');

    // get the value from the form's text input
    $fname = $_POST['uname'];

    // MySQL query to insert data; :fname is a named placeholder
    $sql = "INSERT INTO `tbl_users`(`username`) VALUES (:fname)";

    // prepare the statement, then bind the value when executing it
    $result = $con->prepare($sql);

    $query = $result->execute(array(":fname" => $fname));

    // check whether the insert query was successful
    if ($query)
    {
        echo 'Data Inserted';
    } else {
        echo 'Data Not Inserted';
    }
}
?>


Thank you much!
Epiales
 
Posts: 8
Joined: 09. May 2018 23:13
XAMPP version: Latest 7.2.4
Operating System: Windows 10

Re: PDO sanitize?

Postby Altrea » 12. May 2018 10:57

We cannot answer this because security is always a matter of use case. There are so many possible attack types.

For example, if you want to know if your code is secure against all types of SQL injection attacks, the answer is probably no.
One possible attack method is described here:
https://stackoverflow.com/questions/134 ... -injection
Altrea
AF Moderator
 
Posts: 10283
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64
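
A hardened form of the registration insert from the first post, added here as an example and not code from either poster. It assumes dbconnection.php can be replaced by the hypothetical open_db() below; the DSN, credentials, the register_user() helper and the 3-32 character username policy are all assumptions.

```php
<?php
declare(strict_types=1);

// Assumed stand-in for dbconnection.php; host, database name and
// credentials are placeholders.
function open_db(): PDO
{
    // Setting charset in the DSN keeps client and server agreed on the encoding.
    $dsn = 'mysql:host=127.0.0.1;dbname=example_db;charset=utf8mb4';
    return new PDO($dsn, 'example_user', 'example_password', [
        // Throw PDOException on failure instead of silently returning false.
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        // The MySQL driver emulates prepares by default (values are escaped
        // and substituted client-side); false makes the server do the binding.
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
}

// Hypothetical helper: validates the name, then runs the thread's INSERT.
function register_user(PDO $con, $uname): bool
{
    // Reject arrays (uname[]=x) and anything outside the assumed policy.
    if (!is_string($uname) || !preg_match('/\A[A-Za-z0-9_.-]{3,32}\z/', $uname)) {
        return false;
    }
    $stmt = $con->prepare('INSERT INTO `tbl_users` (`username`) VALUES (:fname)');
    return $stmt->execute([':fname' => $uname]);
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_POST['register'])) {
    try {
        $ok = register_user(open_db(), $_POST['uname'] ?? null);
        echo $ok ? 'Data Inserted' : 'Data Not Inserted';
    } catch (PDOException $e) {
        error_log($e->getMessage()); // keep driver details out of the response
        echo 'Data Not Inserted';
    }
}
```

The prepared statement only protects the INSERT itself; the stored name still needs htmlspecialchars() when it is later echoed into a page.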

Re: PDO sanitize?

Postby Epiales » 14. May 2018 22:58

Thank you for the link. Appreciate it :)
Epiales
 
Posts: 8
Joined: 09. May 2018 23:13
XAMPP version: Latest 7.2.4
Operating System: Windows 10

