Sendiang, Maksy and Mellolo, Ottopianus and Langie, Maureen (2016) Implementation PDO Parameterized Query to Prevent SQL Injection. Implementation PDO Parameterized Query to Prevent SQL Injection, 149 (11). pp. 27-31. ISSN 0975 – 8887
![]() |
Text (International Jurnal)
26042-26042-2016911619 Download (29kB) |
Abstract
SQL injection is one of threat to the application connected to the database. By implementing SQL injection attacker can gain full access to the application or database so that it can remove even significant data irresponsibly. Applications that do not validate the user‟s input appropriately make them vulnerable against SQL injection. Various methods have been developed to prevent SQL injection each with advantages and disadvantages. Implementation of PDO Parameterized Query properly can prevent SQL injection. . PDO not only provides a method to facilitate the implementation of parameterized queries but also makes the code is portable because the PDO can be used on multiple databases. This paper describes the results of research on the use of PDO Parameterized Query on scheduling application. By using PDO Parameterized Query on this application, making it is not vulnerable to attack that caused by SQL injection. Keywords PDO, parameterized query, SQL injection
Item Type: | Article |
---|---|
Subjects: | M Informatika > MD Karya Ilmiah |
Divisions: | Teknik > Jurusan Teknik Elektro |
Depositing User: | Maksy Sendiang |
Date Deposited: | 29 Jul 2018 15:42 |
Last Modified: | 29 Jul 2018 15:42 |
URI: | http://repository.polimdo.ac.id/id/eprint/1613 |
Actions (login required)
![]() |
View Item |