Search
 
SCRIPT & CODE EXAMPLE
 
CODE EXAMPLE FOR PHP

mysqli real escape string php


<?php

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = mysqli_connect("localhost", "my_user", "my_password", "world");

$city = "'s-Hertogenbosch";

/* this query with escaped $city will work */
$query = sprintf("SELECT CountryCode FROM City WHERE name='%s'",
    mysqli_real_escape_string($mysqli, $city));
$resu = mysqli_query($mysqli, $query);
printf("Select returned %d rows.
", mysqli_num_rows($result));

/* this query will fail, because we didn't escape $city */
$query = sprintf("SELECT CountryCode FROM City WHERE name='%s'", $city);
$result = mysqli_query($mysqli, $query);

Source by www.php.net #
 
PREVIOUS NEXT
Tagged: #mysqli #real #escape #string #php
ADD COMMENT
Topic
Name
4+8 =