Recently in learning, PHP MySQL
Next, after submitting the form, between inserting the database,
Is that enough to write? Do you want to write any other anti-SQL code?
$name =mysql_real_escape_string ($_post[' name ');
Reply to discussion (solution)
Baidu "360 Universal anti-injection" can be used as a reference
Baidu "360 Universal anti-injection" can be used as a reference
O (∩_∩) o Thank you
Is there something wrong with me writing this?
That's all you have to say.
Baidu "360 Universal anti-injection" can be used as a reference
O (∩_∩) o Thank you
Is there something wrong with me writing this?
OK
I've just learned. I think directly to learn PDO, with parameter query. Anyway, it's just starting to learn.
General use addslashes function; mysql_real_escape_string must be connected to the database before it can be used
1. The user's data must be digitally verified as a number
2.addslashes function
3.mysql_real_escape_string or Mysql_escape_string
4. Precompiled SQL Prepare
I think the use of 360safe is still good, there is time to study!!