Are These Sql Injection proof ?

[jennidavid2]

Are These Sql Injection proof ?

---

Php Experts,

Is this code sql injection proof ?
I did not write it. I just added the sessions and changed the column names. Copy & paste you might claim. If it does not need PREP STMT then I will leave it as is.
It does not need PREP STMT now does it ?
It displays all rows from all columns from a table.
PHP Code:

[npalmer96]

Php Masters,

The following code is my own code. I built it on the skeleton of the above code I grabbed from somewhere about 2yrs back.
I added PREP STMT and I got the final page to show the pagination numbers in reverse order such as: 10,9,8,7,6,5,4,3,2,1.
It is supposed to show all rows from the tbl.
Q2. What do you think ? Is it sql injection proof now ?

Compare the 2 codes and give me rating from 1-10 where 1 is RUBBISH and 10 is GREAT to show me how well I did.
PHP Code:

[paulmaker]

Php Gurus,

The following code is my own code. I built it on the skeleton of the above 2 codes where the 1st one I grabbed from somewhere about 2yrs back and the 2nd one was my work on the 1st one's skeleton.
I added PREP STMT and I got the final page to show the pagination numbers in reverse order such as: 10,9,8,7,6,5,4,3,2,1.
And, it is only supposed to show the final row of the tbl. That is all.

Q3. What do you think ? Is it sql injection proof now ?

Compare this code with the above post's code and give me rating from 1-10 where 1 is RUBBISH and 10 is GREAT to show me how well I did.

[moshebuch]

Comments on this post

• Catacaustic  agrees : I couldn't have said it better myself
• UniqueIdeaMan  agrees : I couldn't have agreed better myself! You went thru all that length to build this diagram which would be handy for all newbies. I actually knew the answers to my questions but nevertheless I needed the seniors to confirm incase I overlooked anything.