John works as a Professional Penetration Tester. He has been assigned a project to test the Website security of www.we-are-secure Inc. On the We-are- secure Website login page, he enters =’or”=’ as a username and successfully logs on to the user page of the Web site. Now, John asks the we-aresecure Inc. to improve the login page PHP script. Which of the following suggestions can John give to improve the security of the we-are-secure Website login page from the SQL injection attack?
Question:
Which of the following suggestions can John give to improve the security of the we-are-secure Website login page from the SQL injection attack?
Options:
Use the escapeshellarg() function
Use the session_regenerate_id() function
Use the mysql_real_escape_string() function for escaping input
Use the escapeshellcmd() function
Correct Answer
The Correct Answer for this Question is
Use the mysql_real_escape_string() function for escaping input
