Prepared Statements
They are the best defense against SQL Injection attacks. They use place holders for binding. These place holders accept values of certain type not any SQL fragment. Hence SQL injection will be treated as an invalid entry
They are the best defense against SQL Injection attacks. They use place holders for binding. These place holders accept values of certain type not any SQL fragment. Hence SQL injection will be treated as an invalid entry
No comments:
Post a Comment