Zee Xiong, Software Testing Engineer

I made a breakthrough in my MVC application

Posted on August 12, 2019

Alright, so this was actually a week ago (August 4th, 2019), but I didn't have the time or the chance to write this post. I am finally able to restrict people from writing in SQL injection. This will prevent people from making it worse for themselves. In my restriction, I am able to restrict people from putting raw variables into the SQL query. Here are examples of what I've restricted.

// First example: variable written inside a single-quoted string
// (PHP does not interpolate here, so the literal text $id reaches the query)
$sql = 'SELECT id, name FROM ' . DB_PREFIX . 'users WHERE id = $id';

// Second example: variable interpolated inside a double-quoted string
$sql = "SELECT id, name FROM " . DB_PREFIX . "users WHERE id = $id";

// Third example: interpolated variable wrapped in SQL quotes
$sql = "SELECT id, name FROM " . DB_PREFIX . "users WHERE id = '$id'";

// Fourth example: variable concatenated onto a single-quoted string
$sql = 'SELECT id, name FROM ' . DB_PREFIX . 'users WHERE id = ' . $id;

// Fifth example
$sql = 'SELECT id, name FROM ' . DB_PREFIX . 'users WHERE id = ' . $id . '';

// Sixth example: variable concatenated onto a double-quoted string
$sql = "SELECT id, name FROM " . DB_PREFIX . "users WHERE id = " . $id;

// Seventh example
$sql = "SELECT id, name FROM " . DB_PREFIX . "users WHERE id = " . $id . "";

// Eighth example: mixed quote styles around the concatenated variable
$sql = "SELECT id, name FROM " . DB_PREFIX . "users WHERE id = " . $id . '';

// Ninth example
$sql = 'SELECT id, name FROM ' . DB_PREFIX . 'users WHERE id = ' . $id . "";

All of these examples are restricted and you can no longer do anything like this. You should never have been able to do anything like this in the first place. This is just asking for trouble. So I have restricted this so people can start writing actual clean code. You will also receive these error pages if you don't remove the bad coding practices from your code.

[Image: SQL Injection Detected]
[Image: SQL Injection Detected]
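
For comparison, here is the fourth restricted pattern next to a parameterized query. This is an added example, not code from the original post or its framework. It assumes PHP 8 with the pdo_sqlite extension; the `DB_PREFIX` value, table contents, function names and the `$id` input are constructed for illustration.

```php
<?php
// Added example: restricted concatenation vs. a bound parameter.
// Assumptions: pdo_sqlite is available; DB_PREFIX value, rows and input are constructed.
const DB_PREFIX = 'app_';

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE ' . DB_PREFIX . 'users (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO " . DB_PREFIX . "users (id, name) VALUES (1, 'alice'), (2, 'bob'), (3, 'carol')");

// Constructed request value: the caller expected a single numeric id.
$id = '1 OR 1=1';

// Restricted pattern (the post's fourth example): $id becomes part of the SQL
// text, so the input can rewrite the WHERE clause.
function findUserConcatenated(PDO $pdo, string $id): array
{
    $sql = 'SELECT id, name FROM ' . DB_PREFIX . 'users WHERE id = ' . $id;
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Parameterized form: the SQL text is fixed and $id is sent separately as data.
// DB_PREFIX is still concatenated because identifiers cannot be bound; that is
// acceptable only because it is an application constant, never request input.
function findUserBound(PDO $pdo, string $id): array
{
    $sql = 'SELECT id, name FROM ' . DB_PREFIX . 'users WHERE id = :id';
    $stmt = $pdo->prepare($sql);
    $stmt->bindValue(':id', $id, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

printf("concatenated: %d row(s)\n", count(findUserConcatenated($pdo, $id)));
printf("bound:        %d row(s)\n", count(findUserBound($pdo, $id)));
printf("bound, id=2:  %s\n", json_encode(findUserBound($pdo, '2')));
```

With the constructed input, the concatenated query matches every row in the table, while the bound query treats the whole string as a single value to compare against `id`.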
