Is this safe for SQL injections?

This is not safe; you have to use PDO for your queries to protect against SQL injection.
Here is a good document available on preventing SQL injection:

url : https://paragonie.com/blog/2015/05/preventing-sql-injection-in-php-applications-easy-and-definitive-guide

Is there any good topic to know how to test script for SQL injections?

I find the OWASP site helpful, e.g.:

https://www.owasp.org/index.php/Testing_for_MySQL


I find these links rather misleading.
First one tells you to “Escape All User Supplied Input” which is a nonsense.
The second one tells you nothing on how to test but only how to exploit an already found vulnerability.

As a testing tool I would rather recommend http://sqlmap.org

Thanks, will take a look at it!
