99 ochrana proti injecton útoku

This commit is contained in:
kankys 2024-09-26 13:16:27 +02:00
parent 0ab7f4a47f
commit 6f18eb5bfb

View File

@ -2,25 +2,28 @@
global $connection;
if ($_SERVER ["REQUEST_METHOD"] === "POST") {
require "assets/database.php";
$sgl = "INSERT INTO student (first_name, second_name, age, life, college)
VALUES (?, ?, ?, ?, ?)";
$statement = mysqli_prepare($connection, $sgl);
mysqli_stmt_bind_param($statement, "ssiss", $_POST["first_name"], $_POST["second_name"], $_POST["age"], $_POST["life"], $_POST["college"]);
mysqli_stmt_execute($statement);
$statement = mysqli_prepare($connection, $sgl);
// $result = mysqli_query($connection, $sgl);
//
// if ($result === false) {
// echo mysqli_error($connection);
// } else {
// $id = mysqli_insert_id($connection);
// echo "Úspěšně vložen žák s ID: $id";
// }
if ($statement === false) {
echo mysqli_error($connection);
} else {
mysqli_stmt_bind_param($statement, "ssiss", $_POST["first_name"], $_POST["second_name"], $_POST["age"], $_POST["life"], $_POST["college"]);
if (mysqli_stmt_execute($statement)) {
$id = mysqli_insert_id($connection);
echo "Úspěšně vložen žák s ID: $id";
} else {
echo mysgli_stmt_error($statement);
}
}
}
?>
<!DOCTYPE html>