how do you make input text form secure?, to prevent PHP, JQUERY injection from hackers and store their ip address in MySQL to block it

Question

Hello I am trying to figure out how to make secure Search engine or other types of POST and GET FORM.

this is example i have tried:

<?php

<!-- this $POST is the result to use on IF -->
$search_POST =stripcslashes(strip_tags(mysql_real_escape_string($_POST['keyword'])));

<!-- this $GET is the result to print on url -->
$search_GET = stripcslashes(strip_tags(mysql_real_escape_string($_GET['keyword'])));


if(here would like to detect url that contains tags and redirect with empty result and block the visitor){

$ip = $_SERVER['REMOTE_ADDR'];

$Action_block = mysql_query ("INSERT INTO BLOCK_HACKER VALUES ('','$ip','','')")or die("didn't work");

header ("Location: http://website.com");
exit();

} 





?>


<form action="<?php echo $_SERVER['PHP_SELF']; ?>"  method="POST"  >
<input type="text" id="search" class="" name="keyword" value="<?php echo $search_get1  ?>" placeholder="Find a Product" style="float:left; margin-bottom:10px;" >
<input type="button" name="submit23" id="submit23" value="" style="float:left; margin-left:-40px; margin-top:6px; height:24px; width:24px; background:url(<?php echo ''.$link_adress.'' ?>img/system/magnifyingglass.png); background-size:100% 100%; border:0; cursor:pointer; opacity:0.6;"  />
</form>

Can you guys help?

I'd suggest reviewing [prepared statements](http://php.net/manual/en/book.mysqli.php) with `mysqli`. — camelCase, Oct 06 '15 at 16:58
Thank you i will have look on RiggsFolly and Your Common Sense , superb — Eládio Oliveira De Macêdo, Oct 06 '15 at 17:14

how do you make input text form secure?, to prevent PHP, JQUERY injection from hackers and store their ip address in MySQL to block it

0 Answers0