Are there any differences between SQL Server and MySQL when it comes to preventing SQL injection?

后端 未结 9 2478
北荒
北荒 2021-02-13 17:21

I am used to developing in PHP/MySQL and have no experience developing with SQL Server. I\'ve skimmed over the PHP MSSQL documentation and it looks similar to MySQLi in some of

9条回答
  •  傲寒
    傲寒 (楼主)
    2021-02-13 17:34

    With MSSQL you can utilize stored procedures to reduce risk of sql injection. The stored procedures would accept input in various types, so it would be hard to pass in string with sql commands.

    also check out http://msdn.microsoft.com/en-us/library/ms161953.aspx

提交回复
热议问题