{"id":14469,"date":"2022-10-07T23:35:07","date_gmt":"2022-10-07T18:05:07","guid":{"rendered":"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/"},"modified":"2022-10-07T23:35:07","modified_gmt":"2022-10-07T18:05:07","slug":"solved-prevent-sql-injection-in-this-php-code","status":"publish","type":"post","link":"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/","title":{"rendered":"[Solved] Prevent SQL Injection In This PHP Code"},"content":{"rendered":"

[ad_1]
\n<\/p>\n

\n
\n
<\/div>\n
\n
\n

You can ask the database to secure your table and column names, using quote_ident()<\/a>, before you create the query you want to execute. You need something like this:<\/p>\n

<?php\n$table=\"table name\"; \/\/ unsafe\n$column = 'column name'; \/\/ unsafe\n$result = pg_query_params($connection, \n  'SELECT quote_ident(CAST($1 AS text)), quote_ident(CAST($2 AS text));', \n  array($table, $column)\n);\n\n$table = pg_fetch_result($result, 0, 0); \/\/ safe\n$column = pg_fetch_result($result, 0, 1); \/\/ safe\n\n$sql=\"INSERT INTO \".$table.'('.$column.') VALUES($1);';\n\necho $sql;\n\n$result = pg_query_params($connection, $sql, array('foo'));\n?>\n<\/code><\/pre>\n<\/p><\/div>\n
<\/div>\n<\/div>\n
            <\/span> <\/p><\/div>\n<\/div>\n
[ad_2]<\/p>\n
solved Prevent SQL Injection In This PHP Code <\/p>\n","protected":false},"excerpt":{"rendered":"
[ad_1] You can ask the database to secure your table and column names, using quote_ident(), before you create the query you want to execute. You need something like this: <?php $table=”table name”; \/\/ unsafe $column = ‘column name’; \/\/ unsafe $result = pg_query_params($connection, ‘SELECT quote_ident(CAST($1 AS text)), quote_ident(CAST($2 AS text));’, array($table, $column) ); $table = … Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[320],"tags":[339,623,343],"class_list":["post-14469","post","type-post","status-publish","format-standard","hentry","category-solved","tag-php","tag-postgresql","tag-sql-injection"],"yoast_head":"\n[Solved] Prevent SQL Injection In This PHP Code - JassWeb<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"[Solved] Prevent SQL Injection In This PHP Code - JassWeb\" \/>\n<meta property=\"og:description\" content=\"[ad_1] You can ask the database to secure your table and column names, using quote_ident(), before you create the query you want to execute. You need something like this: <?php $table="table name"; \/\/ unsafe $column = 'column name'; \/\/ unsafe $result = pg_query_params($connection, 'SELECT quote_ident(CAST($1 AS text)), quote_ident(CAST($2 AS text));', array($table, $column) ); $table = ... Read more\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/\" \/>\n<meta property=\"og:site_name\" content=\"JassWeb\" \/>\n<meta property=\"article:published_time\" content=\"2022-10-07T18:05:07+00:00\" \/>\n<meta name=\"author\" content=\"Kirat\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kirat\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/\"},\"author\":{\"name\":\"Kirat\",\"@id\":\"https:\/\/jassweb.com\/solved\/#\/schema\/person\/65c9c7b7958150c0dc8371fa35dd7c31\"},\"headline\":\"[Solved] Prevent SQL Injection In This PHP Code\",\"datePublished\":\"2022-10-07T18:05:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/\"},\"wordCount\":47,\"publisher\":{\"@id\":\"https:\/\/jassweb.com\/solved\/#organization\"},\"keywords\":[\"php\",\"postgresql\",\"sql-injection\"],\"articleSection\":[\"Solved\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/\",\"url\":\"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/\",\"name\":\"[Solved] Prevent SQL Injection In This PHP Code - JassWeb\",\"isPartOf\":{\"@id\":\"https:\/\/jassweb.com\/solved\/#website\"},\"datePublished\":\"2022-10-07T18:05:07+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jassweb.com\/solved\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"[Solved] Prevent SQL Injection In This PHP Code\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jassweb.com\/solved\/#website\",\"url\":\"https:\/\/jassweb.com\/solved\/\",\"name\":\"JassWeb\",\"description\":\"Build High-quality Websites\",\"publisher\":{\"@id\":\"https:\/\/jassweb.com\/solved\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jassweb.com\/solved\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jassweb.com\/solved\/#organization\",\"name\":\"Jass Web\",\"url\":\"https:\/\/jassweb.com\/solved\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jassweb.com\/solved\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jassweb.com\/wp-content\/uploads\/2021\/02\/jass-website-logo-1.png\",\"contentUrl\":\"https:\/\/jassweb.com\/wp-content\/uploads\/2021\/02\/jass-website-logo-1.png\",\"width\":693,\"height\":132,\"caption\":\"Jass Web\"},\"image\":{\"@id\":\"https:\/\/jassweb.com\/solved\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/jassweb.com\/solved\/#\/schema\/person\/65c9c7b7958150c0dc8371fa35dd7c31\",\"name\":\"Kirat\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jassweb.com\/solved\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/jassweb.com\/solved\/wp-content\/litespeed\/avatar\/1261af3c9451399fa1336d28b98ea3bb.jpg?ver=1775798750\",\"contentUrl\":\"https:\/\/jassweb.com\/solved\/wp-content\/litespeed\/avatar\/1261af3c9451399fa1336d28b98ea3bb.jpg?ver=1775798750\",\"caption\":\"Kirat\"},\"sameAs\":[\"http:\/\/jassweb.com\"],\"url\":\"https:\/\/jassweb.com\/solved\/author\/jaspritsinghghumangmail-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"[Solved] Prevent SQL Injection In This PHP Code - JassWeb","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/","og_locale":"en_US","og_type":"article","og_title":"[Solved] Prevent SQL Injection In This PHP Code - JassWeb","og_description":"[ad_1] You can ask the database to secure your table and column names, using quote_ident(), before you create the query you want to execute. You need something like this: <?php $table=\"table name\"; \/\/ unsafe $column = 'column name'; \/\/ unsafe $result = pg_query_params($connection, 'SELECT quote_ident(CAST($1 AS text)), quote_ident(CAST($2 AS text));', array($table, $column) ); $table = ... Read more","og_url":"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/","og_site_name":"JassWeb","article_published_time":"2022-10-07T18:05:07+00:00","author":"Kirat","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Kirat","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/#article","isPartOf":{"@id":"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/"},"author":{"name":"Kirat","@id":"https:\/\/jassweb.com\/solved\/#\/schema\/person\/65c9c7b7958150c0dc8371fa35dd7c31"},"headline":"[Solved] Prevent SQL Injection In This PHP Code","datePublished":"2022-10-07T18:05:07+00:00","mainEntityOfPage":{"@id":"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/"},"wordCount":47,"publisher":{"@id":"https:\/\/jassweb.com\/solved\/#organization"},"keywords":["php","postgresql","sql-injection"],"articleSection":["Solved"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/","url":"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/","name":"[Solved] Prevent SQL Injection In This PHP Code - JassWeb","isPartOf":{"@id":"https:\/\/jassweb.com\/solved\/#website"},"datePublished":"2022-10-07T18:05:07+00:00","breadcrumb":{"@id":"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/jassweb.com\/solved\/solved-prevent-sql-injection-in-this-php-code\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jassweb.com\/solved\/"},{"@type":"ListItem","position":2,"name":"[Solved] Prevent SQL Injection In This PHP Code"}]},{"@type":"WebSite","@id":"https:\/\/jassweb.com\/solved\/#website","url":"https:\/\/jassweb.com\/solved\/","name":"JassWeb","description":"Build High-quality Websites","publisher":{"@id":"https:\/\/jassweb.com\/solved\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jassweb.com\/solved\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jassweb.com\/solved\/#organization","name":"Jass Web","url":"https:\/\/jassweb.com\/solved\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jassweb.com\/solved\/#\/schema\/logo\/image\/","url":"https:\/\/jassweb.com\/wp-content\/uploads\/2021\/02\/jass-website-logo-1.png","contentUrl":"https:\/\/jassweb.com\/wp-content\/uploads\/2021\/02\/jass-website-logo-1.png","width":693,"height":132,"caption":"Jass Web"},"image":{"@id":"https:\/\/jassweb.com\/solved\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/jassweb.com\/solved\/#\/schema\/person\/65c9c7b7958150c0dc8371fa35dd7c31","name":"Kirat","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jassweb.com\/solved\/#\/schema\/person\/image\/","url":"https:\/\/jassweb.com\/solved\/wp-content\/litespeed\/avatar\/1261af3c9451399fa1336d28b98ea3bb.jpg?ver=1775798750","contentUrl":"https:\/\/jassweb.com\/solved\/wp-content\/litespeed\/avatar\/1261af3c9451399fa1336d28b98ea3bb.jpg?ver=1775798750","caption":"Kirat"},"sameAs":["http:\/\/jassweb.com"],"url":"https:\/\/jassweb.com\/solved\/author\/jaspritsinghghumangmail-com\/"}]}},"_links":{"self":[{"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/posts\/14469","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/comments?post=14469"}],"version-history":[{"count":0,"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/posts\/14469\/revisions"}],"wp:attachment":[{"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/media?parent=14469"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/categories?post=14469"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/tags?post=14469"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}