Protection against SQL injection

Example

In this case the values a,b,c are replaced by x,y,z. Everything after the comment marker -- is not executed.
INSERT INTO mytable VALUES(x,y,z) -- ,a,b,c)

Remedy for forms

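// $dbc is the open mysqli connection; the escaped value must be placed inside quotes in the query
$xxx = mysqli_real_escape_string($dbc, trim($_POST['xxx']));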
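
An added example (not part of the original page) that reproduces the substitution above and compares a concatenated query, an escaped query and a bound parameter. It uses Python with an in-memory SQLite table instead of PHP and MySQL so that it runs without a server. The column names, FORM_INPUT and the function names are assumptions, and SQLite escapes a quote by doubling it where mysqli_real_escape_string adds a backslash.

```python
import sqlite3

# Constructed form input: it closes the first value, supplies its own second
# and third values, then comments out what the application appends.
FORM_INPUT = "x','y','z') -- "


def insert_concatenated(db, value):
    # Vulnerable pattern: the input becomes part of the SQL text.
    # Resulting statement: INSERT INTO mytable VALUES('x','y','z') -- ','b','c')
    db.execute("INSERT INTO mytable VALUES('" + value + "','b','c')")


def insert_escaped(db, value):
    # Escaping, as in the remedy above: the quote can no longer end the
    # string literal, so the whole input stays inside the first value.
    escaped = value.replace("'", "''")
    db.execute("INSERT INTO mytable VALUES('" + escaped + "','b','c')")


def insert_bound(db, value):
    # Parameter binding: the SQL text is fixed and the input is sent
    # separately, so it is never parsed as SQL.
    db.execute("INSERT INTO mytable VALUES(?, 'b', 'c')", (value,))


def stored_row(insert):
    """Run one insert variant against a fresh table and return the stored row."""
    db = sqlite3.connect(":memory:")
    # Hypothetical three-column table standing in for the page's mytable.
    db.execute("CREATE TABLE mytable (col_a TEXT, col_b TEXT, col_c TEXT)")
    insert(db, FORM_INPUT)
    row = db.execute("SELECT col_a, col_b, col_c FROM mytable").fetchone()
    db.close()
    return row


if __name__ == "__main__":
    for variant in (insert_concatenated, insert_escaped, insert_bound):
        print(variant.__name__, stored_row(variant))
```

Only the concatenated variant stores the input's x,y,z in place of the application's own second and third values. The other two store the input unchanged in the first column.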

Category: The code has been tested and works