Our current project requires that users could store website urls in different languages using MySQL db. How could I implement this without SQL injection attacks or indirect ways (such as MD5ing the url, BASE64ENCODEing of the given url).
Asked
Active
Viewed 157 times
2
-
1Create a database with a UTF-8 collation (so a wide range of characters are supported) and make sure you use PDO and parameterisation (to avoid SQL injection). You don't need to base64 the URL in the database, and if you just MD5 it, you won't be able to retrieve it. – halfer Apr 21 '13 at 08:03
-
thanks halfer. What you said is very useful. – webblover Apr 21 '13 at 08:06
1 Answers
0
If you want to retrieve and decode the stored URLs later, MD5 is not an option since it is a one-way hashing function
Base64 encoding is more appropriate in this context.
iTech
- 17,211
- 4
- 52
- 78
-
why should we use Base64 encoding? Is urlencode() and urldecode() functions in PHP not enough for this? Or is there anything beneficial in using Base64 encoding? – webblover Mar 10 '14 at 16:35