Are there any differences between SQL Server and MySQL when it comes to preventing SQL injection?

后端 未结 9 2474
北荒
北荒 2021-02-13 17:21

I am used to developing in PHP/MySQL and have no experience developing with SQL Server. I\'ve skimmed over the PHP MSSQL documentation and it looks similar to MySQLi in some of

9条回答
  •  臣服心动
    2021-02-13 17:51

    Stored procedures. That's it. Deny access to any other operation other than executing stored procedures. This way you only allow a certain set of requests to be made to your database, thus eliminating any form of SQL Injection.

    Both support Stored Procedures, BUT, in MSSQL they are easier to debug, because error messages are much clearer.

提交回复
热议问题