Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- default=1,name='Bob',lastName="Jones"
- $ins = "INSERT into table (field1,field2,fiel3,) values ('data1','data2',????)";
- $data3 = mysql_escape_string(????);
- $mysqli = new mysqli($servername, $username, $password);
- $stmt = $mysqli->prepare("INSERT into table (field1,field2,fiel3,) values (?,?,?)");
- $stmt->bind_param("sss",$data1,$data2,$data3);
- $stmt->execute();
- $dns = "mysql:dbname=test;host=localhost";
- $user = "root";
- $password = "";
- $connection = new PDO($dns, $user, $password);
- $sql = "INSERT INTO users (username, password) VALUES (:username, :password)";
- $statement = $connection->prepare($sql);
- $statement->execute([
- ':username' => $username,
- ':password' => $password
- ]);
- $statement->bindParam(':username', $username, PDO_PARAM_STRING);
- <?php
- function mysql_escape_mimic($inp) {
- if(is_array($inp))
- return array_map(__METHOD__, $inp);
- if(!empty($inp) && is_string($inp)) {
- return str_replace(array('\', "�", "n", "r", "'", '"', "x1a"), array('\\', '\0', '\n', '\r', "\'", '\"', '\Z'), $inp);
- }
- return $inp;
- }
- ?>
Add Comment
Please, Sign In to add comment
