This question already has an answer here:
I want to know how to protect my website from hacker. I am a php-mysql developer. For fetching data from database i always use mysqli. For prevent my website from sql injection i always use $db->real_esacpe_string() function of php. For prevent my website from XSS(Cross site scripting) i used this function
function parsing($text)
{
global $db;
$text=$db->real_escape_string($text);
$text= @trim($text);
$text= strip_tags($text);
if(get_magic_quotes_gpc()) {
$text= stripslashes($text);
}
$text=str_replace('<','',$text);
$text=str_replace('>','',$text);
$text=htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
return($text);
}
$name=parsing($_POST['name']);
Any suggestion from your side is welcomed. Thanks in advance.
</div>
With all of does done i don't think a hacker can delete or access your database.
But there are also many other techniques a hacker can use in hacking your website.
Like
Which there are also different ways of protecting your website against them.