Question: Write a piece of code to prevent SQL injection:

Write a piece of code to prevent SQL injection:

$servername = "localhost";

$username = "user";

$password = "123456";

if(isset($_POST["uname"], $_POST["upass"])) {

$conn = new mysqli($servername, $username, $password);

if (!$conn->connect_error) {

die("Connection failed: " . $conn->connect_error); }

$query = "select * from user where uname='$_POST[uname]' AND upass='$_POST[upass]'";

$result = $conn->query($query);

}

?>

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

How do I make a prepared statement with variable binding (aka parameterized queries) for the below code application? I have accessed SQL Injection Prevention Cheat Sheet...

Q:

Modify the following code to prevent SQL injection and cross site scripting (XSS) attack: Protected void GetProductsButton_Click(object sender.EventArgs e) { SqlCommand cmd = new SqlCommand(Select *...

Q:

What are the most effective methods for distinguishing between user input and code to prevent SQL injection and XSS attacks, and how can organizations ensure that these practices are consistently...

Q:

Answer the discussion questions please i will give thumb up Security Guide THEFT BY SOL INJECTION **Warning" You are about to learn a technique for How Does SOL Injection Work? compromising an...

Q:

Add or Comment Question: Most cyber-attacks happen because vulnerabilities in system or application software. Buffer Overflow, SQL Injection, Code/OS Command Injection, Cross-Site Scripting (XSS),...

Q:

Which of following listed statements are correct If a script ( JavaScript ) running on the website example.com requests to access data in another website ( website . com ) , the web browser allow for...

Q:

1) Create table COUNTRY with the following colums:county_code Integercountry_Name Varchar(50) 2) Create table CITY with the following colums:county_code Integercity_code Integercity_name Varchar(50)...

Q:

QUESTION 5 Consider the following query an application performs when a user changes her password: UPDATE users SET password=newsecret WHERE user=marcus and password = secret If the attacker enters...

Q:

How is taint analysis commonly used to help prevent SQL Injection attacks? ( Choose the one correct answer. ) How is taint analysis commonly used to help prevent SQL Injection attacks? ( Choose the...

Q:

private void SearchButtonActionPerformed ( java . awt.event.ActionEvent evt ) { try { String ssn = SsnText.getText ( ) ; Connection conn = DriverManager.getConnection ( " jdbc:postgresql: / /...

Q:

In problem, find the equation of the line tangent to the graph of f at the indicated value of x. f(x) = ex + 1 ; x = 0

Q:

Sam is a freshman in the UC-Davis degree program in veterinary medicine. In 2016, Sam paid $3,000 in tuition, $500 for books, and $250 for supplies for class. Sam also paid room and board of $3,500....

Q:

Which of the following is typically the auditors' initial procedure performed to identify litigation, claims, and assessments? Multiple Choice Perform analytical procedures. Confirm litigation,...

Q:

You have a portfolio with a standard deviation of 24% and an expected return of 16%. You are considering adding one of the two stocks in the following table. If after adding the stock you will have...

Q:

3. Should employees be able to take as much time off work as they want?

Q:

2. What are the differences between an employee, worker and self-employed person?

Q:

understand the issues to be considered when an employee leaves an organisation.