Search the Community
Showing results for tags 'mysqli_real_escape_string'.
hello larry ! i learn your book 4, in ensuring Secure SQL chapter i write like your example but the mysqli_real_escape_string is not working i do everything like you connecto to database with require ('include/mysqli_connect.php'); // Connect to theand i input name like kali' and i input like fister"-* . but i find him in localhost like this name and i print him in view user i find him like i write .
Dear Larry, I am the customer who purchase your book PHP and MySql for Dynamic Website 4th edition. Now I read chapter 9 and reach the section of Ensure Secure SQL. I found that we will use function mysqli_real_escape_string for a security reason. If you have a book in your hand please open to page 287 and read the line 40. $p = mysqli_real_escape_string($dbc, trim($_POST['pass1'])); From here I have a question. We use the mysqli_real_escape_string function to secure sql, so it mean some character might now allow to enter because of security reason. But in form password, user c