Understanding SQL Injection and Prevention using Parameter Binding in PHP
Aritra Mukherjee
Posted on October 27, 2019
Happy Diwali 🎆 folks! When I learnt PHP for the first time, I wasn't really aware of the good practices regarding web security in PHP. Over the years, fuelled by my inquisitiveness and will for perfection, I put in hours of research to figure out how exactly we can safely interact with the database in PHP.
If you try to do so yourself, you will realise that traversing the PHP documentation is not that convenient, and that there are multiple ways of doing the same thing, which is frankly very confusing to beginners. 🙄
Therefore, in this article, I decided to compile what I learnt and show you two ways of preventing most SQL Injection attacks in PHP (MySQLi and PDO) in a comparative fashion and explain their usage step by step. 🎉
This is what I am going to cover:
- SQL Injection
  - Short explanation
  - A simple example
- Preventing SQL Injection
  - Using Parameter Binding in MySQLi
  - Using Parameter Binding in PDO
- MySQLi vs PDO
In my next article, I am going to dive deep into Parameter Binding with real-life examples.
The post Preventing SQL Injection with PHP using Parameter Binding appeared first on GeekyMinds.