(php) select all data from a table and making it safe against sql injection | Sololearn: Learn to code for FREE!
New course! Every coder should learn Generative AI!
Try a free lesson
0

(php) select all data from a table and making it safe against sql injection

I want to select all data from a table with a sql query like : 'SELECT * FROM tablename', but won't this make the db exposed to a sql injection? I mean I could make a prepared statement, so for example: 'SELECT * FROM tablename WHERE name = :name', and then use bindParam, but doing like so i would call only a row from the table, and i want to call all the rows. am i missing something?

sqlphp
14th Jul 2020, 8:03 AM
Francesco Paolini
Francesco Paolini - avatar
1 Answer
+ 4
as far as i know sqlinjection only ultilize user input. so if there's no user input in your query, you dont need to use preparedStatement.
14th Jul 2020, 8:06 AM
Taste
Taste - avatar

Often have questions like this?

Learn more efficiently, for free:

See all courses
Hot today
Android studio Tutorial
0 Votes
Why output is 0 for from_chars
2 Votes
Cyber security
0 Votes
i have error on line 29 please help
0 Votes
Personal chat
1 Votes
Bash
0 Votes
Help
0 Votes
Why exception is not handled
1 Votes
Error...
1 Votes
Link
5 Votes