Programming language:SQL

How can I prevent SQL injection in PHP?

Code: SQL

2021-07-12 13:14:14

//Connect
$unsafe_variable = $_POST["user-input"];
$safe_variable = mysql_real_escape_string($unsafe_variable);

mysql_query("INSERT INTO table (column) VALUES ('" . $safe_variable . "')");
//Disconnect

How can I prevent SQL injection in PHP?

Tags

Related

New to Communities?