Search:

bgarrant · 04-19-2010 04:01 PM

Would this code be even more safe as it would escape the $_GET variable before the prepare statement is even declared?

<?
require_once('includes/db.php');

if...

bgarrant · 04-19-2010 01:11 PM

Can I close the prepared statement and still use bind_result variables throughout the page like this? Is this a better method than closing on bottom of page?

<?php...

bgarrant · 04-19-2010 01:06 PM

Thank you for reply Michael. So how does this code look to you for secure GET retrieval of a string? Am I using it correctly to receive a single resultset? Also, the PHP page uses several fields...

bgarrant · 04-19-2010 11:11 AM

Title should be "How do I use Prepared Statements for PHP/MySQL SQL Injection Prevention?"

bgarrant · 04-19-2010 10:26 AM

I have a pages setup that seems to work fine, but I want to get some professional feedback as I am a bit of a newb at the prepared statement usage. I have a PHP page that uses several fields from a...

Search:

Search: Search took 0.01 seconds.

Thread: How do I Prepared Statements for PHP/MySQL SQL Injection Prevention?

mysqli_real_escape_string with prepared statement

Thread: How do I Prepared Statements for PHP/MySQL SQL Injection Prevention?

Can I close the prepared statement and still use...

Thread: How do I Prepared Statements for PHP/MySQL SQL Injection Prevention?

Prepared Statements, bind_result and echo variables

Thread: How do I Prepared Statements for PHP/MySQL SQL Injection Prevention?

Title should be "How do I use Prepared Statements...

Thread: How do I Prepared Statements for PHP/MySQL SQL Injection Prevention?

How do I Prepared Statements for PHP/MySQL SQL Injection Prevention?