Results 1 to 2 of 2

Thread: best way yo Store And Display CODE BLOCK?

  1. #1
    Join Date
    Oct 2013

    best way yo Store And Display CODE BLOCK?

    i am developing a Search Engine by PHP, which search any Code Block i have posts and store, like MSDN
    and My website will store ALL type PROGRAMMING LANGUAGES ( PHP, c#, JS...) ( Estimates about 10.000 Code )

    And bestway to implement that? how to Avoid SQL Injection if I store my Code block in Database.
    if dont choose Database to Store, what is another way to do???


  2. #2
    Join Date
    Aug 2004
    You would prevent SQL injection the same way you would with any other text inputs: either via prepared statements and bound parameters (e.g. if using the PDO or MySQLi DB extension) or by using the applicable escaping function for your DB extension (e.g. mysql_real_escape_string() if using the now-deprecated MySQL extension).

    When outputting it to the browser (probably within <pre> tags), use htmlentities() on that text so that it does not mess up your HTML, also preventing any JavaScript injection as a bonus. (If it's PHP code, you can use highlight_string() instead, which will add colored syntax highlighting as well.)
    "Well done....Consciousness to sarcasm in five seconds!" ~ Terry Pratchett, Night Watch

    How to Ask Questions the Smart Way (not affiliated with this site, but well worth reading)

    My Blog
    cwrBlog: simple, no-database PHP blogging framework

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
HTML5 Development Center