1

I was coding a auth in PHP and C++ but PHP is what I need help with so here is the code inserting the data:

$c_con->query("INSERT INTO keys(key, days, used) VALUES ('".strtoupper(c_security::random_string(22))."', '".c_security::anti_sql_string($_POST["daysammount"])."', '0')");

Now I wanted to display the data that I just inserted in the database any help?

I've also tried:

echo strtoupper(c_security::random_string(22))
Nimantha
  • 6,405
  • 6
  • 28
  • 69
TDS
  • 21
  • 5
  • 1
    You'd have to query the data after adding it to the database... a second call to `random_string` will of course generate a new one – Honk der Hase May 23 '20 at 12:51
  • Do not build the SQL queries with variables by hand, this can lead to SQL injections. Use prepared statements instead, see https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php – Progman May 24 '20 at 07:38

1 Answers1

1

Store the string in a variable before you insert it:

$myString = strtoupper(c_security::random_string(22));
$c_con->query("INSERT INTO keys(key, days, used) VALUES ('$myString', '".c_security::anti_sql_string($_POST["daysammount"])."', '0')");

Then you can use it later in your script:

echo $myString;

Or if you want to write less:

$c_con->query("INSERT INTO keys(key, days, used) VALUES ('".($myString = strtoupper(c_security::random_string(22)))."', '".c_security::anti_sql_string($_POST["daysammount"])."', '0')");

echo $myString;
kmoser
  • 8,780
  • 3
  • 24
  • 40