Split second example in two

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@168837 c90b9560-bf6c-de11-be94-00142212c4b1
Aidan Lister 2004-09-20 08:52:55 +00:00
parent b9292b6a82
commit 1443a4be76

@ -1,5 +1,5 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.15 $ -->
<!-- $Revision: 1.16 $ -->
<!-- splitted from ./en/functions/mysql.xml, last change in rev 1.100 -->
<refentry id="function.mysql-real-escape-string">
<refnamediv>
@ -106,10 +106,16 @@ SELECT * FROM users WHERE name='aidan' AND password='' OR 1=1
<para>
This would allow anyone to log in without a valid password.
</para>
</example>
</para>
<para>
<example>
<title>A "Best Practice" query</title>
<para>
Using <function>mysql_real_escape_string</function> around each variable
prevents this. This example demonstrates the proper method for querying a database,
independent of the <link linkend="security.magicquotes">Magic Quotes</link> setting.
prevents SQL Injection. This example demonstrates the "best practice"
method for querying a database, independent of the
<link linkend="security.magicquotes">Magic Quotes</link> setting.
</para>
<programlisting role="php">
<![CDATA[
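Review bot: the added sentence "prevents SQL Injection" in the new "Best Practice" example claims more than escaping alone guarantees. mysql_real_escape_string only makes a value safe when it is placed inside a quoted string literal in the query. A variable interpolated without quotes (a numeric id, for instance) remains injectable even after escaping. Suggest tightening the wording to something like "prevents SQL Injection when each escaped value is also enclosed in quotes in the query", and confirming that the listing that follows quotes every escaped value. The scare quotes around "best practice" in both the title and the paragraph also read as hedging; either drop them or say what the practice is.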