What are the best practices for securely storing passwords in a MySQL database using PHP, considering the potential vulnerabilities like SQL injection?

To securely store passwords in a MySQL database using PHP, it is recommended to hash the passwords before storing them. This helps protect the passwords in case of a data breach or SQL injection attack. One common hashing algorithm used for this purpose is bcrypt.

// Hashing and storing the password securely in a MySQL database
$password = "user_password";
$hashed_password = password_hash($password, PASSWORD_BCRYPT);

// Inserting the hashed password into the database
$query = "INSERT INTO users (username, password) VALUES ('user123', '$hashed_password')";
// Execute the query using mysqli or PDO