Home > Article > Backend Development > Basic php mysql method to prevent sql attack injection_PHP tutorial
Basic php mysql method to prevent sql attack injection_PHP tutorial
- WBOYOriginal
- 2016-07-13 17:10:04927browse
We used the Magic Quotes that comes with the php tutorial to determine whether it is enabled. If so, use strips tutorial lashes, otherwise use mysql tutorial_real_escape_string to filter
//If Magic Quotes function is enabled
if (get_magic_quotes_gpc()) {
$name = stripslashes($name);
}else{
$name = mysql_real_escape_string($name);
}mysql_query("SELECT * FROM users WHERE name='{$name}'");
Note: The mysql_real_escape_string function will not be effective until the mysql database tutorial connection is successful.
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:How to get data from form array in php_PHP tutorialNext article:How to get data from form array in php_PHP tutorial