This question already has an answer here:
- How can I prevent SQL injection in PHP? 28 answers
i'm developing a website and i'm asking if this little code is vulnerable to SQL Injection or if it's secure:
$param1 = $_GET['param1'];
$sql_news="select * from table1 where attr1 = '$param1'";
Can i stay in peace ?
Thanxs
</div>