Category Archives: Database

MySQL Header

Coding MySQL PHP calls the correct way

A vast majority of websites are coded using PHP. Chances are if you have a PHP website, it is being driven by a MySQL database back-end… and the chances are that the code you are using to get data to and from the PHP script to the MySQL includes the MySQL functions.

MySQL functions are quick and easy to implement; however they contain gaping security holes that easily allow SQL injections and cross site scripting attacks. For this reason, using the MySQL functions is being strongly advised against, by anyone in the know, including the PHP developers themselves. In short, it is essential that you remove these functions for the security of your website. At this point, a lot of developers may shy away from having to update what could be hundreds of scripts, however the changes required are actually not too much different than what you already have and in the end, is essential for the security of your website and services.

Continue reading