How can PHP developers ensure data security when storing user information in a database?
To ensure data security when storing user information in a database, PHP developers should use prepared statements with parameterized queries to prevent SQL injection attacks. Additionally, they should hash sensitive data like passwords using secure hashing algorithms such as bcrypt before storing them in the database.
// Establish database connection
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "database";
$conn = new mysqli($servername, $username, $password, $dbname);
// Prepare SQL statement with parameterized query
$stmt = $conn->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
$stmt->bind_param("ss", $username, $hashed_password);
// Hash password using bcrypt
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
// Execute the statement
$stmt->execute();
// Close the statement and connection
$stmt->close();
$conn->close();