Php was a beginner, so it was severely frustrated at the beginning in SQL (specifically mysql. So write down some methods here. The first is the basic method. The basic method is not used now, so I will attach the database connection operation of
Phpsql statements are described in detail later. The latest php will help you learn more.
The code is as follows:
@ Mysql_connect ("localhost", "root", "1981427") // you must connect to the database server before selecting a database.Or die
Php implements code for SQL Injection Prevention. There are a lot of asp code, but php is rare. for friends who like php, refer
SQL anti-injection code 1
The code is as follows:
/*** SQL Injection Prevention* @ Author: zhuyubing@gmail.com**//***
The principle is the same as "using double-byte encoding to break through the single-byte escape limit of PHP for SQL injection.
View plaincopy to clipboardprint? // By redice 2010.10.21 // Connect to the mysql database$ Conn = 0;$ Conn =
Today I learned the basic skills of SQL injection from the Internet. SQL injection focuses on the construction of SQL statements, only the flexible use of SQL
Statement to construct the injected string of the bull ratio. After finishing the study, I
For SQL injection and anti-injection is actually an attack and defense, today we want to tell you the most basic injection and prevention methods, the principle is to take advantage of some PHP or MySQL features and we did not pay attention to the
Php + mssql makes it really painful. The type of ntext fields used to read mssql in php has another problem: when the content of ntext is too long, the ntext fields are not completely read.I have been searching for it on the Internet for a long time.
1. Confirm that the database service is open
2. Extended Open in PHP.ini configuration
3, check the database related version
(1) Sql2000 at this time to check the PHP directory and Apache bin directory version of the Ntwdblib.dll file is compatible,
First of all, the IE browser encoding format and database collation are set to "UTF-8". Again, it's okay to follow this print. However, the result is that the display is normal on the Web page, but the information in the inserted database is garbled.
The operation of CI on database sentences is sometimes very convenient and sometimes embarrassing, such as the problem of parentheses. The problem with parentheses comes from handling the precedence relationship of and and OR.
Sometimes it takes
Php execution of SQL return value problem,
ID is returned when the query is executed successfully. the query statement is correct. for example, the queried ID does not exist, but it is null. what is returned? What is returned when a query error
A simple SQL injection attack caseIf we have a company web site, in the site's background database to keep all the customer data and other important information. If there is such a command in the code of the website login page to read the user
Method filters HTML Custom functions
The code is as follows
Copy Code
function Ihtmlspecialchars ($string) {if (Is_array ($string)) {foreach ($string as $key => $val) {$string [$key] = Ihtmlspecialchars ($val);}} else
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.