How to Prevent SQL Injection

[SimplySidy]

Well, I have heard a lot on SQL Injection and have googled it, read a lot about it. Simply stated, it is some malicious SQL Code injected into the SQL of the code via the input forms.

Can anyone refer me some tips, guides or other material wherein I could learn how to prevent this from happening ?

 

[george.vladd37]

If you are using php/mysql, a good thing is always to use mysql_real_escape_string($myvariable) for your $variables.
Especially for the ones that comes from the users (e.g. from a register form)

 

[webdevelopment]

hi,i don't know about how to prevent sql injuction but php use mysql.