How to Check Text Content for SQLI Injection Attacks in PHP

1 min readMar 21


Text based threats pose a considerable risk to our system, so it’s vital that our applications check text strings for malicious content before it can wreak havoc on our system from the inside.

Using the code below, you can take advantage of our free-to-use (up to 800 API calls per month with no commitments) SQLI Detection API which quickly identifies whether SQL strings contain SQL injection attacks. The underlying resource will return a simple Boolean indicating whether the string contained such a threat, ensuring your system can quickly react against that threat before it causes serious internal damage.

To structure your API call with PHP code examples (you can peruse other code examples here), start by running the below command to install the SDK:

composer require cloudmersive/cloudmersive_security_api_client

After that, you’re going to copy from the below examples to structure your request. First, however, make sure you have a free API key to authenticate your request (you can get one by registering a free account on our website):

require_once(__DIR__ . '/vendor/autoload.php');

// Configure API key authorization: Apikey
$config = Swagger\Client\Configuration::getDefaultConfiguration()->setApiKey('Apikey', 'YOUR_API_KEY');

$apiInstance = new Swagger\Client\Api\ContentThreatDetectionApi(

new GuzzleHttp\Client(),
$value = "value_example"; // string | User-facing text input.

try {
$result = $apiInstance->contentThreatDetectionCheckSqlInjectionString($value);
} catch (Exception $e) {
echo 'Exception when calling ContentThreatDetectionApi->contentThreatDetectionCheckSqlInjectionString: ', $e->getMessage(), PHP_EOL;

That’s all there is to it — you can say goodbye to SQLI injection threats on your webstie!




There’s an API for that. Cloudmersive is a leader in Highly Scalable Cloud APIs.