PHP Database Security and the Prevention of SQL Injection Attacks

A quick overview of PHP and MySQL


What is PHP?

PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely used general-purpose scripting language that is especially suited for web development and can be embedded into HTML.
Credit: www.php.net

Example PHP code snippet
            
    <!DOCTYPE html>
    <html>
    <head>
        <title>Title of the document</title>
    </head>

    <body>
        <?php

            // Example PHP function with one parameter
            function sayText($string) {
                echo 'php says '.$string.'!';
            }

            // Example function call
            // Should print to the screen 'php says Hello There!'
            sayText("Hello There");

        ?>
    </body>

    </html>
            
        

What is MySQL?

MySQL is a fully open-source relational database management system that runs on a server and provides multi-user access and permissions to a number of databases.

Example MySQL statement to retrieve the username associated with userid 123
            
           		'SELECT username FROM table_users WHERE userid = 123'
            
        
