LAB: Protecting a MySQL database against SQL injection

• Protect the MySQL database

  .
  
  

  • Rewrite Model/Products.php to use "PDO" instead of the "mysql" extension

• Use prepared statements and database escaping / quoting

  .
  
  

  • Rewrite Model/Members.php to use prepared statements with database escaping / quoting