August 1, 2012

Database caching and SQL injection prevention

The term “database caching” will probably be new to beginners and to developers who do not use a PHP framework that provides this facility. CodeIgniter is one framework that does. Database caching stores the results of queries that fetch records from the database, not of queries that update or insert records. In short, if a query contains joins or a complex WHERE clause and fetches 100 records, database caching stores that result set on disk as files. The next time the parameters are the same and the query matches the one that was cached, the result set is retrieved from the file and displayed instantly. Pagination is not affected either.
The most interesting part is that if you visit every page of your website while database caching is enabled, your queries will be cached according to your parameters. The next time a hacker or query breaker accesses those pages and tries to inject some code, your database will not be queried, because all the possible results are already cached in files and will be retrieved instantly. A few queries still need to run with caching turned off, because up-to-date results matter in some situations. So database caching provides not only efficient load times but also SQL injection prevention.
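
The matching rule described above (same query, same parameters) as an added example, not code from this post or from CodeIgniter: a small Python model of a read-query cache over an in-memory SQLite table, showing which requests are served from the cache and which still reach the database. The class, table and sample values are constructed, and keying the cache on a hash of the query text and parameters is an assumption of the model.

```python
import hashlib
import sqlite3


class CachedReader:
    """Model of a read-query cache keyed on the query text and its parameters."""

    def __init__(self, conn):
        self.conn = conn
        self.cache = {}    # key -> stored result set (stands in for the cache files)
        self.db_reads = 0  # SELECTs that actually reached the database

    def select(self, sql, params=(), use_cache=True):
        key = hashlib.sha256(repr((sql, params)).encode()).hexdigest()
        if use_cache and key in self.cache:
            return self.cache[key], "hit"
        self.db_reads += 1
        # Bound parameters: the driver passes the value as data, never as SQL text.
        rows = self.conn.execute(sql, params).fetchall()
        if use_cache:
            self.cache[key] = rows
        return rows, "miss"


def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE posts (author TEXT, title TEXT)")
    conn.executemany("INSERT INTO posts VALUES (?, ?)",
                     [("alice", "Caching"), ("bob", "Pagination")])  # constructed rows
    db = CachedReader(conn)
    sql = "SELECT title FROM posts WHERE author = ? ORDER BY title"

    warm = db.select(sql, ("alice",))    # first visit: result stored in the cache
    repeat = db.select(sql, ("alice",))  # same query and parameters: served from cache
    # Constructed request value that no earlier visit used: no cache entry matches it.
    unseen = db.select(sql, ("alice' OR '1'='1",))

    conn.execute("INSERT INTO posts VALUES (?, ?)", ("alice", "Joins"))
    stale = db.select(sql, ("alice",))                   # cached copy lacks the new row
    fresh = db.select(sql, ("alice",), use_cache=False)  # query run with caching off
    return warm, repeat, unseen, stale, fresh, db.db_reads


if __name__ == "__main__":
    for item in demo():
        print(item)
```

A request whose parameters were never cached is a miss and goes to the database, so that query has to be safe on its own; the model binds the value as a parameter for that reason.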

Last updated: March 19, 2014