|SQL Injection still used by script kiddies , gery and even by black hat hackers, its the easiest way to hack into some one's website. So today in this article i will give you some tips to, how to prevent SQL injection on your own or may be company's website.
1. Don't allow special characters As we all know the SQL strings are often having special symbol strings, making a combination on OR and =. So try to have stroke procedures instead of SELECT * FROM table name where Username="..." and Password="...", This is the global code and vulnerable. So try to validate your code and try to avoid acceptance of special symbols.
2. Use Email Instead of User ID
The best way to prevent SQL injection is to have use of Suer name as Email address. So what is happening here the code written will validate in such a way that it will not accept anything else instead of EMAIL address. Thus SQL injection strings are non acceptable hence SQL injection c
Read more »