Home >Backend Development >PHP Tutorial >Basic php mysql method to prevent sql attack injection_PHP tutorial
We used the Magic Quotes that comes with the php tutorial to determine whether it is enabled. If so, use strips tutorial lashes, otherwise use mysql tutorial_real_escape_string to filter
//If Magic Quotes function is enabled
if (get_magic_quotes_gpc()) {
$name = stripslashes($name);
}else{
$name = mysql_real_escape_string($name);
}mysql_query("SELECT * FROM users WHERE name='{$name}'");
Note: The mysql_real_escape_string function will not be effective until the mysql database tutorial connection is successful.