![Trending Articles on Technical and Non Technical topics](/images/trending_categories.jpeg)
Data Structure
Networking
RDBMS
Operating System
Java
MS Excel
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
Physics
Chemistry
Biology
Mathematics
English
Economics
Psychology
Social Studies
Fashion Studies
Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
Shortcomings of mysql_real_escape_string?
The shortcoming of mysql_real_escape_string is as follows −
It has main shortcoming in the modern API while we are making prepared statement. This has another shortcoming for every possible attack when you will typecast.
Let us see the typecast syntax in MySQL −
(TypeCast)mysql_real_escape_string($_REQUEST['anyColumnName']));
In the above syntax, we are typecasting, but in this case, it is not safer for every possible attack. The other cases include the following −
- It is not type safe.
- It is not for injection attack.
Advertisements