Home/ Questions/Q 6101815
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T13:32:34+00:00

I’m building a MVC application for managing a creative portfolio (Going to put it

  • 0

I’m building a MVC application for managing a creative portfolio (Going to put it on git hub). I need something to secure the DB connections, basically I have one class to manage ALL DB transactions.

I need to either create a class or find a class that can protect all SQL queries from XXS or SQL Attacks. What suggestions do you have for securing PHP Database connections?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    just try to filter you POST,GET requests with this function

    function protect($string) 
 { 
      if (ini_get('magic_quotes_gpc') == 'off') // check if magic_quotes_gpc is on and if not add slashes
            { 
             $string = addslashes($string); 
            }  
// move html tages from inputs
$string = htmlentities($string, ENT_QUOTES);
//removing most known vulnerable words
$codes = array("script","java","applet","iframe","meta","object","html", "<", ">", ";", "'","%");
$string = str_replace($codes,"",$string);
//return clean string
return $string; 
}

    you can easily apply it for the whole input using array_map function

    $input = array_map('protect','$_POST');
$input = array_map('protect','$_GET');
    • 0