Does the PHP SELECT statement need to use preprocessing to prevent SQL injection?

Does the PHP SELECT statement need to use preprocessing to prevent SQL injection?

Reply content:

Does the PHP SELECT statement need to use preprocessing to prevent SQL injection?

Some things you should know about SQL injection http://www.codefrom.com/t/%E5%85%B3%E4%BA%8Esql%E6%B3%A8%E5%85%A5%EF%BC%8C%E4%BD%A0%E5%BA%94 %e8%af%a5%e7%9f%a5%e9%81%93%e7%9a%84%e4%b8%80%e4%ba%9b%e4%b8%9c%e8%a5%bf

SQL queries are required in order to prevent them from being constructed into other statements.

Required, use PDO or mysqli

Of course you do.

select * from tableA;insert  *** where 1=1;

That's clear.

