Jump to content

PHP & SQL Injections


Recommended Posts

Hey there Stefan, sort of a question pointed to you, I am creating a site using WordPress as its CMS and within that will also be a phpBB Forum - using the same SQL Database. It seems like it will be very vulnerable to Php\SQL injection attacks.


Do you have any tips or “best practices” for me to use that will lessen how vulnerable the site might be.


One thing I must ask with the above, how would I add Hash Function on the Data? I assume that only works for MySQL queries, will I be able to use it for the phpBB and WordPress users and site safety?


(I am still very much new to PHP and coding; all I know is self-taught, so some of the things discussed here: http://php.net/manual/en/security.database.sql-injection.php are a bit beyond me, like how I would implement the techniques etc.)



Link to comment
Share on other sites

I would imagine that if you're using established CMS like Wordpress and forum software like phpBB then you should be safe from SQL Injections. It's only if you're writing your own blog software with PHP or forum software that you'd need to worry about this stuff i think ...

Link to comment
Share on other sites

Thanks very much for the reply! I’m much more at ease. I certainly hope that’s the case though :/ There are currently 13000+ members using a free group service, and this new thing will replace that, so I wouldn’t want to put their personal details or the site-itself in jeopardy by not making sure it was as secure as possible.


(Seriously wicked site you’ve got BTW, the design is great!)



Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...