VR SAVANI

New Trending Topics and Study Material

Breaking

Tag

Tricks & Tips (17) News (5) PHP (5) Android (3) SEO (1) free paytm cash (1)

Thursday, 22 February 2018

MySQL PHP Prepared Statement SQL injections PHP Prepared Statements

PHP Prepared Statements

by on in , , ,
Note : Prepared statements are very useful against SQL injections.

A prepared statement is a feature used to execute the same (or similar) SQL statements repeatedly with high efficiency.


MySQLi supports the use of anonymous positional placeholder (?), as shown below:

" INSERT INTO counselor(name) VALUES(?) "

Information About Code

Attempt MySQL server connection. Assuming you are running MySQL server with default setting (user 'root' with no password)
Host Name : localhost
Database Name : test
TextBox Name : txtname
Submit Button Name : Save


PHP Code Example #

<?php
if (isset($_GET['Save'])){
if (!empty($_GET['txtname'])) {$n = $_GET['txtname'];
// MySQL server connection.
$c = new mysqli("localhost", "root", "", "test");
// Prepare an insert statement
$q = $c->prepare("insert into counselor(name) values(?)");

// Bind variables to the prepared statement as parameters
 $->bind_param("s", $n);
// Attempt to execute the prepared statement
$q->execute();
//Data Notification 
echo "<br><br>
<div class='container'>
   <div class='alert alert-success alert-dismissable fade show' >
      <button type='button' class='close' data-dismiss='alert'>&times;</button>
      <strong>Data</strong> Enter Successfully...
   </div>
 </div>";
 } else {
//Error Notification 
echo "<br><br>
<div class='container'>
  <div class='alert alert-danger alert-dismissable fade show' >
      <button type='button' class='close' data-dismiss='alert'>&times;</button>
      <strong>Error!</strong> In Data Entry.....
   </div>
</div>";
}
}
?>

Html Code Example #


<div class="jumbotron bg-dark text-white">

    <br><br>



    <h1 class="text-center">Prepare Statement</h1>



<br>



<div class="container">

<form method="get" action="#">



<div class="form-group">



<h4>Enter Name </h4>



<input type="text" name="txtname" class="form-control"/>



</div>



<input type="submit" value="Save" name="Save"  class="btn btn-primary btn-block"/>

</form>



</div>



</div>

Css / Script #

Note : Script Use For Show Notification....
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css">

<!-- jQuery library -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>

<!-- Popper JS -->
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js"></script>

<!-- Latest compiled JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js" ></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.18/jquery-ui.min.js"></script>

<style>
    input[type=text] {
    width: 100%;
    padding: 12px 20px;
    margin: 8px 0;
    box-sizing: border-box;
    border: 3px solid #ccc;
    -webkit-transition: 0.5s;
    transition: 0.5s;
    outline: none;
    }

    input[type=text]:focus {
    border: 3px solid #555;
    transition: 1s;
    }
</style>
<script>

window.setTimeout(function () {
    $(".alert").fadeTo(500, 0).slideUp(500, function () {
        $(this).remove();
    });
}, 3000);

</script>

Layout #




PHP File


Download PHP file



By at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)