www.webdeveloper.com
Results 1 to 2 of 2

Thread: best way yo Store And Display CODE BLOCK?

  1. #1
    Join Date
    Oct 2013
    Posts
    5

    best way yo Store And Display CODE BLOCK?

    i am developing a Search Engine by PHP, which search any Code Block i have posts and store, like MSDN
    and My website will store ALL type PROGRAMMING LANGUAGES ( PHP, c#, JS...) ( Estimates about 10.000 Code )

    And bestway to implement that? how to Avoid SQL Injection if I store my Code block in Database.
    if dont choose Database to Store, what is another way to do???

    Thanks

  2. #2
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,224
    You would prevent SQL injection the same way you would with any other text inputs: either via prepared statements and bound parameters (e.g. if using the PDO or MySQLi DB extension) or by using the applicable escaping function for your DB extension (e.g. mysql_real_escape_string() if using the now-deprecated MySQL extension).

    When outputting it to the browser (probably within <pre> tags), use htmlentities() on that text so that it does not mess up your HTML, also preventing any JavaScript injection as a bonus. (If it's PHP code, you can use highlight_string() instead, which will add colored syntax highlighting as well.)
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles