I currently use c language to process the http event, and I need to do the SQL operation with mysql, then how to prevent the SQL injection, is there any c library for that,thank you?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I currently use c language to process the http event, and I need to do the SQL operation with mysql, then how to prevent the SQL injection, is there any c library for that,thank you?
The way you prevent SQL injection (or shell escape injection, etc.) is not passing unquoted literal strings to an interface that treats some characters as special. You need to transform string data to a safe quoted form before including it as part of a larger “command string” that will be interpreted by an SQL database, shell, external command, API that takes URI strings, etc.