SQL Injection & Prevention PHP/MySQL
You all know about SQL Injection. To avoid this issue in PHP/MySQL. Just use mysql_real_escape_string() mysql_real_escape_string() calls MySQL's library function mysql_real_escape_string, which prepends backslashes to the following characters: x00, n, r, , ', " and x1a. This function must always (with few exceptions) be used to make data safe before sending a query to MySQL.…