Primary Key, Foreign Key and SQL Injection

Primary Key:

  • It is a combination of UNIQUE and NOT NULL: it does not accept null values or duplicate values.
  • It must contain a unique value for each row of data.
  • A primary key is either an existing table column or a column that is specifically generated by the database according to a defined sequence.
How to assign a primary key
CREATE TABLE student(stdno INT PRIMARY KEY);

Foreign Key:

  • By using this constraint we can create a relationship between two tables.
  • One is the primary key column; the other is the foreign key column.
  • This constraint checks the condition below when inserting and deleting records from the table.
  • This relationship is applied in InnoDB engine tables.
How to assign a foreign key
CREATE TABLE parent(pid INT PRIMARY KEY, pname VARCHAR(50));
CREATE TABLE child(cid INT, cname VARCHAR(50), pi INT, FOREIGN KEY (pi) REFERENCES parent(pid));
Dropping MySQL foreign key
ALTER TABLE table_name
DROP FOREIGN KEY constraint_name;
MySQL disabling and enabling foreign key checks

SET foreign_key_checks = 0;

SET foreign_key_checks = 1;

SQL Injection

  • It is the concept of passing an SQL statement through an input control from the end user.
  • The user can pass his own SQL statement in order to control the programmer's statement.
  • The user can destroy the database information, and he can capture the data of the database, by passing his SQL statement through an input control.
  • The user can use a textbox or the query string to pass his SQL statement, so we need to control the user's input values.
  • The user can use a single quotation (') to modify the SQL statement, so we need to control the user's use of the single quotation (').

To protect our application from SQL injection we need to follow some steps at the time of development.

  1. We should not accept lengthy statements through input controls.
  2. Use the addslashes or mysql_real_escape_string function to add slashes in front of single (') and double (") quotation marks.
  3. If it is possible, set magic_quotes_gpc = On. This configuration setting is used to place escape slashes in front of the single (') and double (") quotations of input data.
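The following is an added example, not code from the original page, showing how a single quotation in an input value changes a statement built by string concatenation, next to a hardened lookup that applies the length limit from step 1. It uses Python's built-in sqlite3 in-memory database as a stand-in for MySQL so it runs offline, and it passes the input as a bound parameter rather than using the escaping functions listed above. The table rows, the function names and MAX_LEN are assumptions made for the illustration.

```python
import sqlite3

MAX_LEN = 20  # assumed limit for step 1: do not accept lengthy input


def make_db():
    """Create a constructed in-memory table (sample rows, not from the page)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE student(stdno INTEGER PRIMARY KEY, name TEXT)")
    db.executemany(
        "INSERT INTO student VALUES (?, ?)",
        [(1, "asha"), (2, "ravi"), (3, "o'neil")],
    )
    return db


def lookup_concat(db, name):
    """Vulnerable form: the input value becomes part of the SQL text."""
    sql = "SELECT stdno, name FROM student WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()


def lookup_bound(db, name):
    """Hardened form: length check, then the value is bound as data only."""
    if len(name) > MAX_LEN:
        raise ValueError("input too long")
    sql = "SELECT stdno, name FROM student WHERE name = ?"
    return db.execute(sql, (name,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed input containing single quotations

    # Concatenation: the quotation closes the string literal, so the WHERE
    # clause becomes name = 'x' OR '1'='1' and matches every row.
    print("concat, crafted:", lookup_concat(db, crafted))

    # Bound parameter: the same text is compared as a plain value, no match.
    print("bound,  crafted:", lookup_bound(db, crafted))

    # A legitimate name with a quotation breaks the concatenated statement
    # but works as a bound value.
    try:
        lookup_concat(db, "o'neil")
    except sqlite3.OperationalError as exc:
        print("concat, o'neil : SQL error:", exc)
    print("bound,  o'neil :", lookup_bound(db, "o'neil"))
```

The last case shows why input values need handling even without a hostile user: an ordinary name containing a single quotation is enough to break the concatenated statement.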

