You can also harden your site against SQL injection by using a data layer. He gets seven points, because he got it there and did so much more securely than passing information through the URL. The user interface hands off the ball to the PDO, which carries it downfield and plants it into the database for a 7-point TOUCHDOWN.

Using the PDO, all of this is done under the user interface level. (Capitals are Capitals, no leading or trailing spaces, all dates are properly formed.)

But there are a few nuances to this which you might not be aware of.

First of all, up until now, you've probably written all your queries in something similar to the URL, and you pass the parameters using the URL itself. By using this layer, data can be normalized before being inserted into your data structure. The purpose of using this is to implement an additional layer of security between the user interface and the database. PDO_MYSQL is the driver that will implement the interface between the data object (database) and the user input (a layer under the user interface called "code behind") accessing your data object, the MySQL database.
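An added example, not code from the original post, of the data layer described above: input is normalized (trimmed, upper-cased state code, validated date) and then handed to PDO through a prepared statement. The `members` table, its columns and the function names are hypothetical, and an in-memory SQLite DSN stands in for PDO_MYSQL so the script runs without a server.

```php
<?php
// Added example: table, column and function names are hypothetical.
declare(strict_types=1);

// Normalize one record before it reaches the database: trimmed strings,
// upper-case two-letter state code, strictly validated ISO date.
function normalizeMember(array $in): array
{
    $name  = trim((string)($in['name'] ?? ''));
    $state = strtoupper(trim((string)($in['state'] ?? '')));
    $date  = trim((string)($in['joined'] ?? ''));

    if ($name === '' || !preg_match('/^[A-Z]{2}$/', $state)) {
        throw new InvalidArgumentException('bad name or state');
    }
    // createFromFormat() rolls 2024-02-30 over to March, so compare the round trip.
    $d = DateTimeImmutable::createFromFormat('!Y-m-d', $date);
    if ($d === false || $d->format('Y-m-d') !== $date) {
        throw new InvalidArgumentException('bad date');
    }
    return ['name' => $name, 'state' => $state, 'joined' => $date];
}

function insertMember(PDO $pdo, array $in): void
{
    $row = normalizeMember($in);
    // Placeholders keep user input out of the SQL text; values are bound separately.
    $stmt = $pdo->prepare(
        'INSERT INTO members (name, state, joined) VALUES (:name, :state, :joined)'
    );
    $stmt->execute($row);
}

// SQLite in memory so the example runs offline. With PDO_MYSQL only the DSN
// changes; there, also set PDO::ATTR_EMULATE_PREPARES to false.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE members (name TEXT, state TEXT, joined TEXT)');

// Constructed sample input, as it might arrive from a form or query string.
// The apostrophe would break a query built by string concatenation.
insertMember($pdo, ['name' => "  O'Brien ", 'state' => ' tx', 'joined' => '2024-02-29']);

foreach ($pdo->query('SELECT name, state, joined FROM members') as $r) {
    printf("%s | %s | %s\n", $r['name'], $r['state'], $r['joined']);
}
```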