Optimised coding
Hi there,
What are the optimized coding methods to get pages loaded easily and not hackable?
3 Answers
SQL-injection vulnerabilities due to incorrect usage of mysql_query()
This might be a controversial opinion, but I believe that it's a mistake to use the old family of mysql functions. These are the family of functions prefixed with mysql_. There isn't really anything wrong with them as long as you use them correctly, but unfortunately I've found that most of the time they just aren't used correctly. The end result is that we have sites all over the internet vulnerable to SQL injection.

A better choice is to use an API that supports prepared statements, which solves this problem completely. MySQLi is such a family of functions, and for security purposes it's fine. However, I believe that the API is a bit of a pain to use. The main basis for that opinion is the fact that you simply cannot retrieve the result of a prepared statement as an array.

The best option is to use PDO. It's a modern database agnostic wrapper that supports flexible prepared statements and results in modern, safe and readable code. It's a joy to work with. We should all stop teaching beginners the old functions and show them how to use and become comfortable with PDO from the start.

Posted: Rody.Adel Edited: Rody.Adel
0 of 0 people found this answer helpful.

That's it for now

Posted: dhosam2 Edited: dhosam2
0 of 0 people found this answer helpful.
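The first answer's point about PDO prepared statements, as an added example that is not part of the original answers: the same constructed hostile input is passed to a query built by string concatenation and to a prepared statement, where it is bound as data and matched only as a literal name. The users table, the function names and the in-memory SQLite database are assumptions chosen so the script runs offline.

```php
<?php
declare(strict_types=1);

// Constructed sample data in an in-memory SQLite database so the script runs offline.
// With MySQL only the DSN changes, e.g. 'mysql:host=...;dbname=...;charset=utf8mb4'.
$pdo = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION, // fail loudly on SQL errors
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,       // rows come back as arrays
]);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)');
$pdo->exec("INSERT INTO users (name, email) VALUES
    ('alice', 'alice@example.test'), ('bob', 'bob@example.test')");

// Pattern the answer warns about: input is concatenated into the SQL text,
// so quote characters in $name become part of the query itself.
function findUserConcatenated(PDO $pdo, string $name): array
{
    return $pdo->query("SELECT id, name FROM users WHERE name = '$name'")->fetchAll();
}

// Prepared statement: the SQL text is fixed, the input is bound as data only.
function findUserPrepared(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT id, name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(); // whole result set as an array of associative arrays
}

$input = "nobody' OR '1'='1"; // constructed hostile input

printf("concatenated: %d row(s)\n", count(findUserConcatenated($pdo, $input)));
printf("prepared:     %d row(s)\n", count(findUserPrepared($pdo, $input)));
printf("prepared, legitimate name: %s\n", json_encode(findUserPrepared($pdo, 'alice')));
```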
take a look
Posted: MacOS
2 of 2 people found this answer helpful.

Thanks Mr.MacOs