Let's talk about why you should do this to prevent SQL injection. When we log in, the front desk is usually registered and then log in, and then the administrator is not the same, the administrator is not registered, but the Super administrator added. And some illegal elements use SQL injection can be a perfect login background to manage, do some illegal operation. To prevent this type of person, do some anti-SQL injections if necessary
The main frame of the PHP background will usually bring this function.
But also need to understand the principle of filtering, the following is my summary of the method to prevent SQL injection
1. Before the correct, the special characters are filtered out.
2. The back end is filtered again, the regular, intval function what the line (to prevent the use of other tools to pass the parameter) can encapsulate a public class
3. Using PHP to extend PDO to prevent database operation
4. If the same IP frequently requests an interface, block the IP for five minutes
5. Restrict database permissions to ensure database security
6. Try to avoid the use of the Eval function
7. If a database has been modified, the use of contingency measures
PHP Anti-SQL injection