Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Information Security: a . Suppose there is a form as below: In the record _ message.php below, give an example of the SQL injection by

Information Security:
a. Suppose there is a form as below:
In the record_message.php below, give an example of the SQL injection by entering extra strings in the name textbox after name?. (5 pts)
?php
$name = $_POST['name'];
$message = $_POST['message'];
// check if this user already has a message
$pdo->query("SELECT ** from messages where name = $name");
// Other code here
(b) In the above example, we want to use the prepared statement with bindParam to prevent the SQL injection. (20 pts)
Step 1 Defining your query string, and marking placeholders using question marks.
$:
Step 2, Prepare the statement in MySQL, assigning the results to a PHP variable $stmt:
$stmt = $pdo->prepare ,;Information Security:
a. Suppose there is a form as below:
In the record_message.php below, give an example of the SQL injection by entering extra strings in the name textbox after name?. (5 pts)
?php
$name = $_POST['name'];
$message = $_POST['message'];
// check if this user already has a message
$pdo->query("SELECT ** from messages where name = $name");
// Other code here
(b) In the above example, we want to use the prepared statement with bindParam to prevent the SQL injection. (20 pts)
Step 1 Defining your query string, and marking placeholders using question marks.
$:
Step 2, Prepare the statement in MySQL, assigning the results to a PHP variable $stmt:
$stmt = $pdo->prepare ,;
image text in transcribed

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Expert Performance Indexing In SQL Server

Authors: Jason Strate, Grant Fritchey

2nd Edition

1484211189, 9781484211182

More Books

Students also viewed these Databases questions

Question

=+vii. Bullet points to emphasize important ideas.

Answered: 1 week ago