How to intercept numeric SQL injection? Is it valid to verify if it is a number?
Test that adding single and double quotation marks to the sql query can still cause sql injection.
As the title states, can SQL injection be intercepted assuming that the verification parameter is a number?
if (!is_numeric($id)) {
exit('非法');
}SQL injection is no longer possible in such verification tests, but is this absolutely safe?
Xiaobai asks for help.
