PHP regex for checking if it contains any sql
Question
How can I use PHP preg_match for a string to check if it contains any sql? Not for preventing SQL injection but just to tell if it contains a sql statement
1 answers
solution1
3 2014-11-17 18:00:44
Checking a string for SQL is not worth your time or resources for that matter. If the goal is to prevent injection you should use PDO .
$stmt = $pdo->prepare('SELECT * FROM employees WHERE name = :name');
$stmt->execute(array('name' => $name));
foreach ($stmt as $row) {
// do something with $row
}
Reference material: How can I prevent SQL injection in PHP?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Checking if sql query has any results in PHP
PHP checking if variable from (POST) contains any numeric values
php regex for checking a string
Regex for php contains and not contains letters
Regex PHP IF contains and limit
Checking if sentence contains a word in PHP
Checking that a value contains only digits, regex or no?
Checking to see if a string contains any characters
PHP - folksonomy tag checking regex
Splitting SQL column name and if any from their aliases using Regex [PHP]
Related Tags