Is this code 100% safe from SQL injection:
$id = $_GET['id'];
mysql_query('SELECT * FROM mytable WHERE id < ' . (int)$id);
or do I have to do this?
$id = $_GET['id'];
mysql_query('SELECT * FROM mytable WHERE id < ' . mysql_real_escape_string($id));
The query could still blow up if $_GET['id'] is empty, or (int)$_GET['id'] evaluates to empty. You’d end up with a syntax error in the query. It’s not enough to blindly escape or type-cast a value and stuff it into a query. You have to check that the final “safe” value is actually safe and not just a wolf in grandma’s clothes.
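An added example (not code from the question or the answer above) that runs the two approaches against a few constructed inputs. It shows why the cast and the escape are not interchangeable here: mysql_real_escape_string only touches quotes, backslashes and NUL bytes, so an input like 1 OR 1=1, which contains none of those, is pasted into the unquoted numeric position unchanged. The (int) cast always yields an integer, so the query stays syntactically valid, but '', 'abc' and '1 OR 1=1' silently become 0 or 1 rather than being refused. The validateId function below is the "check the final value" step the answer asks for; the commented PDO call assumes an existing connection named $pdo and is illustrative, not something the original page shows.

```php
<?php
// Added example, not from the original question or answer.
// Constructed sample strings stand in for $_GET['id'].

declare(strict_types=1);

/**
 * Validate an id that must be a non-negative integer.
 * Returns the int, or null when the input is missing, empty or not an integer,
 * so the caller can answer with HTTP 400 instead of running a query for id 0.
 */
function validateId(?string $raw): ?int
{
    if ($raw === null || $raw === '') {
        return null;
    }
    $value = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    return $value === false ? null : $value;
}

/** Builds the query exactly as the question's first snippet does: a bare (int) cast. */
function queryWithCast(string $raw): string
{
    return 'SELECT * FROM mytable WHERE id < ' . (int)$raw;
}

// Constructed inputs: a normal request, the empty case the answer warns about,
// junk, and two injection attempts that contain no quote characters.
$samples = [
    '42',
    '',
    'abc',
    '1 OR 1=1',
    '42; DROP TABLE mytable',
];

foreach ($samples as $raw) {
    // The cast never produces a syntax error, but '' and 'abc' turn into 0 and
    // '1 OR 1=1' into 1: a valid query for an id the client never asked for.
    printf("%-28s cast     => %s\n", var_export($raw, true), queryWithCast($raw));

    $id = validateId($raw);
    if ($id === null) {
        printf("%-28s validate => rejected, respond 400\n", '');
        continue;
    }

    // With the value known to be an int, bind it rather than concatenating.
    // $pdo is an assumed, pre-existing PDO connection; the call is shown only.
    // $stmt = $pdo->prepare('SELECT * FROM mytable WHERE id < :id');
    // $stmt->execute([':id' => $id]);
    printf("%-28s validate => id=%d, bind as parameter\n", '', $id);
}
```

Run it with `php example.php`: only '42' passes validation; the other four inputs are rejected before any SQL is built, whereas the cast-only path happily issues `WHERE id < 0` or `WHERE id < 1` for them.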