Packt+ | Advance your knowledge in tech

You're reading from Yii Application Development Cookbook - Second Edition This book is the perfect way to add the capabilities of Yii to your PHP5 development skills. Dealing with practical solutions through real-life recipes and screenshots, it enables you to write applications more efficiently.

Product type Paperback

Published in Apr 2013

Publisher Packt

ISBN-13 9781782163107

Length 408 pages

Edition 2nd Edition

Languages

PHP

Tools

Yii

Concepts

Application Development

Table of Contents (20) Chapters

Yii Application Development Cookbook Second Edition

Credits

About the Author

About the Reviewers

www.PacktPub.com

Preface

1. Under the Hood FREE CHAPTER

2. Router, Controller, and Views

3. AJAX and jQuery

4. Working with Forms

5. Testing Your Application

6. Database, Active Record, and Model Tricks

7. Using Zii Components

8. Extending Yii

9. Error Handling, Debugging, and Logging

10. Security

11. Performance Tuning

12. Using External Code

13. Deployment

Index

Preventing SQL injections

SQL injection is a type of code injection that uses vulnerability at the database level and allows executing arbitrary SQL, allowing malicious users to carry out such actions as deleting data or raising their privileges.

In this recipe, we will see examples of vulnerable code and fix them.

Getting ready

Create a fresh application by using yiic webapp.
Create and configure a new database.

Execute the following SQL:

CREATE TABLE `user` (
  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
  `username` varchar(100) NOT NULL,
  `password` varchar(32) NOT NULL,
  PRIMARY KEY (`id`)
);
INSERT INTO `user`(`id`,`username`,`password`) VALUES ( '1','Alex','202cb962ac59075b964b07152d234b70');
INSERT INTO `user`(`id`,`username`,`password`) VALUES ( '2','Qiang','202cb962ac59075b964b07152d234b70');

Generate a User model using Gii.

How to do it...

First, we will implement a simple action that checks if the username and password that came from a URL are correct. Create protected/controllers...

The rest of the chapter is locked

Tech Concepts

Programming languages

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

You're reading from Yii Application Development Cookbook - Second Edition This book is the perfect way to add the capabilities of Yii to your PHP5 development skills. Dealing with practical solutions through real-life recipes and screenshots, it enables you to write applications more efficiently.

Table of Contents (20) Chapters

Preventing SQL injections

Getting ready

How to do it...

Personalised recommendations for you

Create a Free Account To Continue Reading

Sign in to activate your 7-day free access