Safer PHP4 SQL Query Interface

This software is designed to help PHP developers write applications that are not vulnerable to SQL injection attacks.

The software is licensed under the MIT License. See the source code for the precise terms and conditions.

MySQL Version

Download Version 1.0

Synopsis

Example Usage


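   $link = mysql_connect(...);
   // The SQL text holds only ? placeholders; the values travel separately
   // in the array, in placeholder order. $b is an application-supplied value.
   $results = mysql_execute($link,
       "DELETE FROM foo WHERE a = ? AND b = ? AND c = ? AND d = ?",
       array("foo", $b, 5, '5'));
   // Same template; the second value contains a double quote, a single
   // quote, a backslash and a NUL byte.
   $real_query = mysql_make_query($link,
       "DELETE FROM foo WHERE a = ? AND b = ? AND c = ? AND d = ?",
       array("foo", "foo\"'\\\x00bar", 5, '5'));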
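
The following is an added example, not the library's source and not code from the original page. It shows the kind of placeholder binding the calls above imply, next to the string concatenation it replaces. The function names `example_quote` and `example_make_query` are hypothetical, and the escaping assumes a single-byte or UTF-8 connection character set.

```php
<?php
// Added illustration, not the library's source. example_quote() and
// example_make_query() are hypothetical names; the escaping covers the bytes
// MySQL treats specially in a quoted literal and assumes a single-byte or
// UTF-8 connection character set.

function example_quote($value) {
    if (is_null($value)) { return 'NULL'; }
    if (is_bool($value)) { return $value ? '1' : '0'; }
    if (is_int($value))  { return (string) $value; }   // 5 stays a number
    $map = array(
        "\\" => "\\\\", "\x00" => "\\0", "\n" => "\\n", "\r" => "\\r",
        "'"  => "\\'",  '"'    => '\\"', "\x1a" => "\\Z",
    );
    // strtr() with an array replaces in one pass, so an escape it has just
    // written is never escaped a second time. The string '5' is quoted here.
    return "'" . strtr((string) $value, $map) . "'";
}

// Assumption: every ? in $template is a placeholder (none inside literals).
function example_make_query($template, $params) {
    $parts  = explode('?', $template);
    $params = array_values($params);
    if (count($parts) - 1 !== count($params)) {
        return false;            // count mismatch: refuse to build a query
    }
    $sql = $parts[0];
    foreach ($params as $i => $param) {
        $sql .= example_quote($param) . $parts[$i + 1];
    }
    return $sql;
}

$template = "DELETE FROM foo WHERE a = ? AND b = ? AND c = ? AND d = ?";

// The page's own test value: double quote, single quote, backslash, NUL.
echo example_make_query($template, array("foo", "foo\"'\\\x00bar", 5, '5')), "\n";

// Constructed hostile input: the quotes are escaped, so it stays one literal.
$hostile = "x' OR '1'='1";
echo example_make_query($template, array("foo", $hostile, 5, '5')), "\n";

// The unsafe pattern this interface replaces: the same input ends the literal.
echo "DELETE FROM foo WHERE b = '" . $hostile . "'", "\n";

var_dump(example_make_query($template, array("foo")));  // too few values
```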
  

DBX Version

Download Version 1.0

Synopsis

Example Usage


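   $link = dbx_connect(...);
   // The SQL text holds only ? placeholders; the values travel separately
   // in the array, in placeholder order. $b is an application-supplied value.
   $results = dbx_execute($link,
       "DELETE FROM foo WHERE a = ? AND b = ? AND c = ? AND d = ?",
       array("foo", $b, 5, '5'));
   // Same template; the second value contains a double quote, a single
   // quote, a backslash and a NUL byte.
   $real_query = dbx_make_query($link,
       "DELETE FROM foo WHERE a = ? AND b = ? AND c = ? AND d = ?",
       array("foo", "foo\"'\\\x00bar", 5, '5'));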
  

Related Links

PHP.net
The PHP homepage
SQL Injection Attacks by Example
An explanation of how SQL injection attacks work.