Ok so me and a friend are doing a mini presentation on PHP security

Question

0

Asked: May 13, 20262026-05-13T00:14:45+00:00 2026-05-13T00:14:45+00:00

Ok so me and a friend are doing a mini presentation on PHP security

0

Ok so me and a friend are doing a mini presentation on PHP security (I’m not really into PHP though) and he asked me to find some examples of vulnerable PHP code (one that is prone to SQL injections and all other types of attacks). I was wondering are there any websites with both good and bad pieces of code showing how you should and shouldn’t code?

Basically I will put them into our website and he will try to hack it, then we will show the “proper” website and he will try to hack it again.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-13T00:14:45+00:00

SQL injection is easy:

$var = $_POST['var'];
mysql_query("SELECT * FROM sometable WHERE id = $var");

This is easily solved by:

$var = mysql_real_escape_string($_POST['var']);

The other common one is XSS (cross site scripting):

$var = $_POST['var'];
echo "<div>$var</div>\n";

allows you to inject Javascript that is run from your site. There are several ways of dealing with this, for example:

$var = strip_tags($_POST['var']);

and

$var = filter_var($_POST['var'], FILTER_SANITIZE_STRING);

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Ok so me and a friend are doing a mini presentation on PHP security

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply