Php 'update' command script possibly needs sql injection protection? -

-

this question has answer here:

my database suffered sql injection attack, because relatively new programming , did not know that. have been trying learn how prevent them, cannot figure out how script. have type of script implemented though. how can prevent sql injection attack using script?

<?php  $autor = $_get["multi"]; $autop = $_get["multis"];  $sql = "update autoj set autob = '$autop' autoq = '$autor'";  $hd = "something"; $dd =  $_get['something']; $ud = "something"; $pd = "something";  $mysqli = new mysqli($hd, $ud, $pd, $dd);  if (mysqli_connect_errno()) {    printf("connect failed: %s\n", mysqli_connect_error());    exit(); }  $result = $mysqli->query($sql); if ($result) { ....

try this:

$hd = "something"; $dd = "put here"; $ud = "something"; $pd = "something";  $mysqli = new mysqli($hd, $ud, $pd, $dd);  if (mysqli_connect_errno()) {    printf("connect failed: %s\n", mysqli_connect_error());    exit(); }  $autor = $_get["multi"]; $autop = $_get["multis"]; $autor = $mysqli->real_escape_string($autor); $autop = $mysqli->real_escape_string($autop);  $sql = "update autoj set autob = '$autop' autoq = '$autor'";

also, on line two, see used $_get['something'] select database. don't.


Comments

Post a Comment

Popular posts from this blog

Perl - how to grep a block of text from a file -

-
it can in xml or text format. how in general grep block of text in perl? <track type="ws"> <range> <rangestart>0</rangestart> <rangeend>146.912</rangeend> <locationindex>0</locationindex> <propertyindex>0</propertyindex> </range> </track> <track type="ps" id="1"> <range> <rangestart>0</rangestart> <rangeend>146.912</rangeend> <locationindex>1</locationindex> <propertyindex>1</propertyindex> </range> </track> i want grep type="ps" , till </range> . one solution open file, read line line , match block. open(fh, "file.txt"); foreach $line (<fh>) { if ($line =~ m/type="cc"(.*?)<\/range>/) { print $1; } } but there more optimal solution without reading file line l
Read more

delphi - How to remove all the grips on a coolbar if I have several coolbands? -

-
Image
if set mycoolbar.fixedorder true,only grip on first band hidden. well,if use delphi 7 create vcl forms application,then put coolbar on , create 3 coolbans hold other controls,only grip , top coolbands can hidden setting mycoolbar.fixedorder:=true. i've uploaded picture make things clear. you got fixedorder property wrong. fixed property not allow bands rearranged if set true . setting property of coolbar true keep user changing bands order @ runtime, user can still move , resize bands. can give advice can do, actual solution problem, well, have wait answer. my advice use 3 coolbars in row , setting "fixedorder" property true , bandborderstyle bsnone . way grip hidden on of them. about property, it's not bug of ide, actual preference of property.
Read more

javascript - Animating array of divs; only the final element is modified -

-
this baffling me @ moment. i'm experienced programmer looking throw bit of surprise fiancee on countdown page our wedding. desired effect simulated confetti falling behind main page. setup follows: i have array of divs in javascript. each div absolutely positioned on page. have interval set updates every 50 or milliseconds. on each tick, run loop on array of divs, , calculations , update positions. problem problem having, however, though can see divs created, stored array, , modified (in case, each has slight randomized rotation) during initialization phase, once tick update position starts, div stored in whatever last slot of array gets position updated. tried hard-coding each div index testing purposes, strictly last element update position. upon printing current "left" , "top" style values each div before , after calculations shows value has been changed, no visible change noticeable. here's basic code: javascript var container;
Read more