International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 149 - Issue 11
Published: Sep 2016
Authors: Maksy Sendiang, Ottopianus Mellolo, Maureen Langie
Maksy Sendiang, Ottopianus Mellolo, Maureen Langie. Implementation PDO Parameterized Query to Prevent SQL Injection. International Journal of Computer Applications. 149, 11 (Sep 2016), 27-31. DOI=10.5120/ijca2016911619
SQL injection is one of the threats to applications connected to a database. By carrying out SQL injection, an attacker can gain full access to the application or database and can even remove significant data irresponsibly. Applications that do not validate the user's input appropriately are vulnerable to SQL injection. Various methods have been developed to prevent SQL injection, each with advantages and disadvantages. Proper implementation of PDO parameterized queries can prevent SQL injection. PDO not only provides a method to facilitate the implementation of parameterized queries but also makes the code portable, because PDO can be used with multiple databases. This paper describes the results of research on the use of PDO parameterized queries in a scheduling application. Using PDO parameterized queries makes this application not vulnerable to attacks caused by SQL injection.
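The contrast the abstract describes, as an added example that is not code from the paper: the same lookup written with string concatenation and with a PDO parameterized query. The `schedule` table, its columns, the function names and the sample rows are assumptions constructed for illustration; an in-memory SQLite database is used so the script runs offline, and the same PDO calls apply to other drivers.

```php
<?php
// Added example: constructed schema and data, not taken from the paper.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE schedule (
    id INTEGER PRIMARY KEY, lecturer TEXT, course TEXT, room TEXT)');
$pdo->exec("INSERT INTO schedule (lecturer, course, room) VALUES
    ('alice', 'Databases', 'A1'), ('bob', 'Networks', 'B2')");

// Vulnerable form: user input becomes part of the SQL text itself,
// so quote characters in the input change the structure of the query.
function findUnsafe(PDO $pdo, string $lecturer): array
{
    $sql = "SELECT course, room FROM schedule WHERE lecturer = '$lecturer'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Parameterized form: the SQL text is fixed at prepare() time and the
// input is bound as a value, so it is only ever compared as a string.
function findSafe(PDO $pdo, string $lecturer): array
{
    $stmt = $pdo->prepare(
        'SELECT course, room FROM schedule WHERE lecturer = :lecturer');
    $stmt->bindValue(':lecturer', $lecturer, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed input containing quote characters and a boolean clause.
$input = "nobody' OR '1'='1";

// The concatenated query returns rows for a lecturer name that does not
// exist; the parameterized query treats the whole string as one name.
printf("concatenated:  %d row(s)\n", count(findUnsafe($pdo, $input)));
printf("parameterized: %d row(s)\n", count(findSafe($pdo, $input)));
printf("parameterized, existing name: %d row(s)\n",
    count(findSafe($pdo, 'alice')));
```

Binding covers values only; table names, column names and sort directions cannot be bound and need an allow-list check instead.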