I am setting up various forms and features on my site while using the simple method of putting the form posts into variables as below:

```php
if (isset($_POST['one'])) {
    $name = $_POST['name'];
    $description = $_POST['description'];
    $category = $_POST['category'];
}
```

This is obviously a really basic example, but that is all I am looking for really. With this kind of method of posting and creating variables, how can you stop the user from entering unwanted text or code and protect your site from any MySQLi injections? I remember in MySQL there were a few options of adding code before the `$_POST['name'];` section? Does this still help or work? And if there is a simple method, I would rather that.

Dharman
Aidanpt6
  • possible duplicate of [How can I prevent SQL-injection in PHP?](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – deceze May 14 '15 at 09:53
  • [The Great Escapism (Or: What You Need To Know To Work With Text Within Text)](http://kunststube.net/escapism/) – deceze May 14 '15 at 09:53
  • Learn about [Prepared Statements](https://en.wikipedia.org/wiki/Prepared_statement) with [parameterized queries](https://stackoverflow.com/a/4712113/5827005). – GrumpyCrouton Jan 14 '20 at 21:28
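
The prepared-statement approach the comments point to, applied to the form handler from the question, as an added example that is not part of the original post. The `items` table, the field limits, the category allow-list and the connection values are assumptions made for illustration.

```php
<?php
// Added example, not code from the question. Table name, columns, limits,
// allow-list and connection values are assumptions.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors
const ALLOWED_CATEGORIES = ['news', 'guides', 'reviews'];  // constructed allow-list

/** Validate the three form fields; returns [item, errors]. */
function validate_item(array $post): array
{
    // Reject non-string input (e.g. name[]=x) instead of casting it.
    $field = fn(string $k): string => is_string($post[$k] ?? null) ? trim($post[$k]) : '';
    $item = ['name' => $field('name'), 'description' => $field('description'), 'category' => $field('category')];
    $errors = [];
    if ($item['name'] === '' || mb_strlen($item['name']) > 100) {
        $errors[] = 'name must be 1-100 characters';
    }
    if (mb_strlen($item['description']) > 2000) {
        $errors[] = 'description must be at most 2000 characters';
    }
    if (!in_array($item['category'], ALLOWED_CATEGORIES, true)) {
        $errors[] = 'unknown category';
    }
    return [$item, $errors];
}

/** Insert with a prepared statement: values are sent separately from the SQL text. */
function insert_item(mysqli $db, array $item): int
{
    $stmt = $db->prepare(
        'INSERT INTO items (name, description, category) VALUES (?, ?, ?)'
    );
    $stmt->bind_param('sss', $item['name'], $item['description'], $item['category']);
    $stmt->execute();
    return (int) $db->insert_id;
}

if (isset($_POST['one'])) {
    [$item, $errors] = validate_item($_POST);
    if ($errors) {
        http_response_code(422);
        echo implode('; ', $errors); // fixed strings, no user input echoed
    } else {
        $db = new mysqli('localhost', 'app_user', 'PLACEHOLDER_PASSWORD', 'app_db');
        $db->set_charset('utf8mb4');
        $id = insert_item($db, $item);
        // Escape at output time so the submitted text cannot become HTML.
        echo 'Saved #' . $id . ': ' . htmlspecialchars($item['name'], ENT_QUOTES, 'UTF-8');
    }
}
```

The `?` placeholders keep the submitted values out of the SQL string entirely, so no escaping step before `$_POST['name']` is needed for the query; `htmlspecialchars()` covers the separate case of printing that text back into a page.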

0 Answers