这足够安全吗?
[英]Is this secure enough?
问题描述
I'm new with PDO, and I just wanted to know if this code: 
我是PDO的新手,我只是想知道这段代码:
$string = $_POST['string'];
$matches = $SQL->prepare("SELECT * FROM `users` WHERE `name` LIKE ?");
$matches->execute(array('%'.$string.'%'));
foreach($matches->fetchAll() as $match) {
echo $match["name"]."<br/>";
}
Is secure enough? 足够安全吗? I just wan't to be sure and prevent from hacking. 我只是不确定并防止黑客入侵。 This code will withdraw all users from the database with name like in the $string variable. 此代码将从数据库中撤消所有users ,其名称类似于$string变量。
Feel free to post your solutions also! 随意发布您的解决方案!
1 个解决方案
解决方案1
4 2011-10-09 05:49:22
在执行查询之前,PDO将自动转义为其提供的任何输入,因此就SQL注入攻击而言,它是安全的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
这个登录系统足够安全吗? - Is this login system secure enough?
“图像”规则是否足够安全? - Is 'image' rule secure enough?
这是否足够安全,用于散列 - Is this secure enough, for hashing
这些步骤是否足以保护站点? - Are these steps enough to secure a site?
这个用户是否足够安全? - Is this user auth secure enough?
PHP的检查会议足够安全? - php checking session secure enough?
我的PDO INSERT INTO是否足够安全? - Is my PDO INSERT INTO enough secure?
PHP密码保护足够安全 - PHP password protection secure enough
使用安全性和会话,这是否足够安全? - Working with Security and Sessions, is this secure enough?
使用一个会话足够安全吗? - Is using one session secure enough?
相关标签