SQL Injection Prevention System Using PHP

Authors

Purba Das
Department of Computer Science & Engineering, Techno College of Engineering Agartala
Sumana Datta
Department of Computer Science & Engineering, Techno College of Engineering Agartala

Synopsis

Background: As of late many web developers are unaware of how SQL queries can be tampered with, and assume that an SQL query is a trusted command. [1]. AES (Advanced Encryption Standard) encryption technique, the transection and user account can be made secred. [2]. AES encryption is also used to encrypt the user’s card and password information while transaction. [3]. Once makes a successful transection admin will get a report to this bought product. 

Objectives: This project is to develop a secure path for transaction done by the user. Using AES (Advanced Encryption Standard) encryption technique, the transaction and user account details can be made secured. AES encryption is also used to encrypt the user’s card and password information while transaction.

Methodology: In this paper we are focusing on the prevention methods performs encoding on the string before storing it into the database. This will help in reduction of these attacks.

Result & Discussion: By doing series of injection, after the input string are fed with and we instruct the database to respond with any type of error message. Then all these input strings are injected and the desired result will be displayed.

Conclusion & Future Work: In this paper, we have exhibited various methods or techniques for detecting and preventing SQL injections. To achieve this, we first found out the various types of known SQL injection. A set of injection are revealed in this paper.

MISS2021
Published
January 28, 2022