99 ochrana proti injecton útoku
parent
f32240acaf
commit
0ab7f4a47f
@ -7,21 +7,20 @@ if ($_SERVER ["REQUEST_METHOD"] === "POST") {
|
|||||||
require "assets/database.php";
|
require "assets/database.php";
|
||||||
|
|
||||||
$sgl = "INSERT INTO student (first_name, second_name, age, life, college)
|
$sgl = "INSERT INTO student (first_name, second_name, age, life, college)
|
||||||
VALUES ('" . $_POST["first_name"] . "','"
|
VALUES (?, ?, ?, ?, ?)";
|
||||||
. $_POST["second_name"] . "','"
|
$statement = mysqli_prepare($connection, $sgl);
|
||||||
. $_POST["age"] . "','"
|
|
||||||
. $_POST["life"] . "','"
|
|
||||||
. $_POST["college"] . "')";
|
|
||||||
// var_dump($sgl);
|
|
||||||
// exit;
|
|
||||||
$result = mysqli_query($connection, $sgl);
|
|
||||||
|
|
||||||
if ($result === false) {
|
mysqli_stmt_bind_param($statement, "ssiss", $_POST["first_name"], $_POST["second_name"], $_POST["age"], $_POST["life"], $_POST["college"]);
|
||||||
echo mysqli_error($connection);
|
mysqli_stmt_execute($statement);
|
||||||
} else {
|
|
||||||
$id = mysqli_insert_id($connection);
|
// $result = mysqli_query($connection, $sgl);
|
||||||
echo "Úspěšně vložen žák s ID: $id";
|
//
|
||||||
}
|
// if ($result === false) {
|
||||||
|
// echo mysqli_error($connection);
|
||||||
|
// } else {
|
||||||
|
// $id = mysqli_insert_id($connection);
|
||||||
|
// echo "Úspěšně vložen žák s ID: $id";
|
||||||
|
// }
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
|
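Review bot: The return values of `mysqli_prepare()` and `mysqli_stmt_execute()` are never checked, and the old success/error branch is only commented out, so a failed insert now gives no feedback and a failed prepare would hand `false` to `mysqli_stmt_bind_param()`. This holds unless `assets/database.php` switches mysqli to exception reporting, which is not visible here. I would port the branch to the statement API as sketched below, delete the commented-out block, and log the database error server-side instead of echoing it to the client as the old code did. Separately, `$_POST["age"]` is bound as `i` with no validation, so a missing or non-numeric value is presumably coerced rather than rejected; a check such as `filter_var($_POST["age"] ?? null, FILTER_VALIDATE_INT)` before binding would make that explicit. The enclosing `if ($_SERVER["REQUEST_METHOD"] === "POST")` block opens above the hunk.

```php
$statement = mysqli_prepare($connection, $sgl);
if ($statement === false) {
    // Keep driver details in the server log, not in the response.
    error_log(mysqli_error($connection));
    exit("Žáka se nepodařilo uložit.");
}

// … unchanged: mysqli_stmt_bind_param($statement, "ssiss", …) …

if (mysqli_stmt_execute($statement)) {
    $id = mysqli_insert_id($connection);
    echo "Úspěšně vložen žák s ID: $id";
} else {
    error_log(mysqli_stmt_error($statement));
    echo "Žáka se nepodařilo uložit.";
}
```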