What is the main issue with the PHP script for the photo gallery?

The main issue with the PHP script for the photo gallery is that it is not properly sanitizing user input, which can lead to security vulnerabilities such as SQL injection attacks. To solve this issue, you should use prepared statements with parameterized queries to prevent SQL injection.

// Connect to the database
$pdo = new PDO(&#039;mysql:host=localhost;dbname=gallery&#039;, &#039;username&#039;, &#039;password&#039;);

// Prepare a SQL statement with a parameterized query
$stmt = $pdo-&gt;prepare(&#039;SELECT * FROM photos WHERE id = :id&#039;);

// Bind the parameter
$stmt-&gt;bindParam(&#039;:id&#039;, $_GET[&#039;id&#039;]);

// Execute the query
$stmt-&gt;execute();

// Fetch the results
$photo = $stmt-&gt;fetch();

Keywords

PHP script photo gallery error debugging

What is the main issue with the PHP script for the photo gallery?

Keywords

Related Questions