SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    Get my greedy down dotJoon's Avatar
    Join Date
    Apr 2003
    Location
    daejeon, South Korea
    Posts
    2,223
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    mysql_real_escape_string

    Code:
    $query="select id from myTable1 where title='".$_POST['myVar']."' " ;
    The code above works fine.

    And the code below also works fine.
    Code:
    $title = mysql_real_escape_string($_POST['myVar']);
    $query="select id from myTable1 where title='".$_POST['myVar']."' " ;
    What's the meaning of "$title = mysql_real_escape_string($_POST['myVar']); "?
    How does it prevent SQL injection?

  2. #2
    I meant that to happen silver trophybronze trophy Raffles's Avatar
    Join Date
    Sep 2005
    Location
    Tanzania
    Posts
    4,662
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Read the manual!!!!!

    1. Go to php.net
    2. Type "mysql_real_escape_string" in the search box in the top right.
    3. Read and you will learn.

  3. #3
    Non-Member Kalon's Avatar
    Join Date
    Aug 2010
    Location
    At my computer
    Posts
    2,012
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'll give you the link

    RTFM (Read This For More)

    yesterday you mentioned that language is a barrier to reading the manual, but there is a wide range of languages you can choose from to view the manual.

    also, some examples of sql injection

  4. #4
    Get my greedy down dotJoon's Avatar
    Join Date
    Apr 2003
    Location
    daejeon, South Korea
    Posts
    2,223
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Kalon View Post
    I'll give you the link

    RTFM
    Thank you for your kind suggestion to the link although I already found the link by Raffles guide.

    Quote Originally Posted by Kalon View Post
    language is a barrier to reading the manual
    language is one of the barriers.

  5. #5
    . shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.



Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •