MySQL上SQL注入安全性的最佳解决方案是什么? [英] What is the best solution for SQL injection security on MySQL?

问题描述

运行字符串以确保无法进行MySQL注入的最佳功能是什么?

What is the best function to run my strings through to ensure that MySQL injection is impossible?

还需要在输出过程中通过其他功能运行它以使其正确显示吗?

Also, will it require running it through another function on the way out to make it display correctly?

参数是否真的足以阻止Sql注入?
带有in子句的C#参数化查询MySQL
可以防止SQL注入吗通过转义单引号和 与周围的用户输入 单引号?

Are Parameters really enough to prevent Sql injections?
C# Parameterized Query MySQL with in clause
Can I protect against SQL Injection by escaping single-quote and surrounding user input with single-quotes?

推荐答案

参数化查询

这篇关于MySQL上SQL注入安全性的最佳解决方案是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！