msqli_* prevent SQL injection
来源:互联网 发布:java教程pdf完整版 编辑:程序博客网 时间:2024/06/07 07:23
To avoid your code be vulnerable, especially for preventing SQL injection. You may need the mysqli_* function and prepare statement of it to make it.
I will make some examples, such like this:
- The SELECT sentence like this:
$stmt = $conn->prepare('SELECT column_name FROM table_name WHERE column_name = ?');$stmt->bind_param('s', $varname);$stmt->execute();$result = $stmt->get_result();
- The INSERT sentence like this:
$stmt = $conn->prepare('INSERT INTO table_name(column_name_f, column_name_s) VALUES(?,?)');$stmt->bind_param('ss', $var_name_f, $var_name_s);$stmt->execute();$stmt->close();
So the only question you guys want to know is that mysterious ‘s’.
Not other mean, just String.
And other’s just as the word the said.
- bind_param which bind param like $var_name_f with the first question mark in this string(’s’) format.
- execute means that the statement will execute the sql sentence.
- close, just close connection;
1 0
- msqli_* prevent SQL injection
- How to Prevent SQL Injection Attack (Explained with an Example)
- How can I prevent SQL-injection in PHP?
- SQL Injection Attacks and Some Tips on How to Prevent Them
- What’s the Right Way to Prevent SQL Injection in PHP Scripts?
- SQL Injection
- SQL injection
- sql injection
- SQL Injection
- sql injection
- sql Injection
- sql injection
- sql injection
- SQL injection
- SQL injection
- SQL Injection
- SQL Injection
- SQL Injection
- QT中定时器的使用方法
- F
- iOS GPUImage研究序三:GPUImageMovie简介
- AsyncTask学习
- You Only Look Once: Unified, Real-Time Object Detection
- msqli_* prevent SQL injection
- 算法中的小技巧
- kafka数据可靠性深度解读
- 2017华为软件精英挑战赛总结
- 解决VSCODE界面出现阴影-MAC版
- elasticsearch查询语句篇
- Kinect V2基本资料
- 【java】深度优先搜索和广度优先搜索
- ActiveMQ的介绍