Posts Tagged with "sql"

SQL injections. Preventive security.

Posted by Stanislav Furman on June 19, 2019

With this article I want to start a series of articles about web applications security. This topic is truly interesting, sometimes challenging and, of course, very important for any web developer. Even if you think that your website is small and is not attractive to hackers, keep in mind that your website, if it is vulnerable, can be used to trick random users or even attack an external system. For example, using a security hole in your system an attacker can spread an exploit.

In this article I will talk about preventive measures against SQL Injections (aka SQLi). Those are preventive measures that may help in case you have legacy code, or someone in your team accidentally (or blindly) writes code vulnerable to SQLi.

Continue reading

How to update fields from another table in MySQL

Posted by Stanislav Furman on May 28, 2014
Read how to update a bunch of fields from another table in MySQL

Meet AMPPS - a good alternative for XAMPP and WAMP

Posted by Stanislav Furman on October 7, 2013

Meet AMPPS - a good alternative for XAMPP and WAMP  

For those who is looking for a good alternative for XAMMP or WAMP web server stacks. There is a very good option called AMPPS!

The listed number of provided features is impressive. Unlike the other solutions Ampps comes with over 300 PHP web applications, over 1000 PHP classes and libraries including Joomla!, WordPress, Magento, Dolphin and more. 

Very easy to install and manage services with the administration panel. You can easily switch PHP versions with only one-click action.

One thing to notice though... Despite the fact that there are several versions of PHP included, you cannot switch MySQL version which, to be honest, I don't find too critical.

Server configuration is also very straightforward using the web panel. If you mess up the configuration, you can reset it to default state which might be useful sometimes. :)

Also it is very easy to update! The app has built-in updater which makes life way easier when it comes to update Ampps.

Concatenating NULL and blank fields in MySQL

Posted by Stanislav Furman on May 17, 2013
How to concatenate empty and null fields in MySQL database

How to protect against SQL injection, and why SQL injection is dangerous

Posted by Stanislav Furman on May 14, 2013
What is SQL injection? Why SQL injection is dangerous? How to protect against SQL injection?

MySQL. How to insert a row or update if exists in MySQL.

Posted by Stanislav Furman on February 25, 2013

Being a web developer, I personally like short solutions, and when I code, I try to write as less code as possible. At the same time the code has to be readable for other developers without using comments.

If you want to combine create/update function into one, MySQL offers you a very useful statement : INSERT ... ON DUPLICATE KEY UPDATE.

Continue reading

Visual Representation of SQL Joins on a graphical diagram

Posted by Stanislav Furman on February 18, 2012

For some programmers (especially for begginers) it might be a bit difficult to understand how do SQL joins work in real life. In fact, sometimes even experienced software developers are not able to explain what is the difference between JOINLEFT JOIN and RIGHT JOIN.

Luckily, I found, perhaps, one of the best visual representations of SQL joins I have ever seen which will definately help to understand the mechanism of SQL joins.

Visual Representation of SQL Joins, graphic diagram


See more graphical diagrams and explanations here