I would like to know how to make a site COMPLETELY secure against SQL injection attacks. I read that it would be enough to enable magic_quotes_gpc in the .htaccess file. Is this enough? Are there other tricks? How can I tell if a script is open to SQL injection? For example, is this snippet safe from SQL injection attacks?
```php
$sql = $_REQUEST['id'];
$sql = mysql_real_escape_string($sql);
$Query = "DELETE FROM Y WHERE id = ".$sql;
```
For example, how do large sites like Facebook or Google prevent this type of attack? Sorry for my English...

P.S. I'm not able to program with the OOP paradigm.
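
Added example, not part of the original post: the DELETE from the question rewritten with procedural mysqli, so no OOP is needed. The id is validated as an integer and then bound as a parameter, because `mysql_real_escape_string` only protects a value that ends up inside quotes, and the query in the question concatenates the value unquoted. The table `Y` and column `id` come from the post; the function names and the connection host, user, password and database are placeholders assumed for illustration.

```php
<?php
// Added example, not the poster's code. Function names are hypothetical.
// Make mysqli raise exceptions instead of failing silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

/** Return the id as an int, or null when the input is not a positive integer. */
function parse_id($raw)
{
    // filter_var returns false for arrays, empty input and any non-integer text.
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Delete one row from Y by id with a bound parameter; returns rows affected. */
function delete_by_id($link, $raw)
{
    $id = parse_id($raw);
    if ($id === null) {
        return 0; // rejected before any SQL is built
    }
    // The SQL text is fixed; the value travels separately and is typed as integer.
    $stmt = mysqli_prepare($link, 'DELETE FROM Y WHERE id = ?');
    mysqli_stmt_bind_param($stmt, 'i', $id);
    mysqli_stmt_execute($stmt);
    $affected = mysqli_stmt_affected_rows($stmt);
    mysqli_stmt_close($stmt);
    return $affected;
}

// Constructed sample inputs: only a plain integer string passes validation.
foreach (['42', '42 OR 1=1', 'abc', ''] as $raw) {
    var_dump(parse_id($raw));
}

// Placeholder connection details (assumptions, replace with your own).
$link = mysqli_connect('localhost', 'app_user', 'app_password', 'app_db');
echo delete_by_id($link, $_REQUEST['id'] ?? null), " row(s) deleted\n";
mysqli_close($link);
```

The same pattern works for string columns: keep the `?` placeholder and bind with type `'s'` instead of building the query by concatenation.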