Board index   FAQ   Search  
Register  Login
Board index PHP Your Scripts

a problem with database

This is where you share YOUR scripts with others

Moderators: macek, egami, gesf

a problem with database

Postby medlinux » Mon Aug 22, 2011 9:37 am

hi
I try to use this code in order to avoid injection SQL
Code: Select all
   $reponse = $bdd->prepare("SELECT * FROM Table1 WHERE  Titre LIKE '%?%' OR Auteur LIKE '%?%' OR Editeur LIKE '%?%' ");
   $reponse->execute(array($_POST['book_title'],$_POST['book_author'],$_POST['editor']));

but it wants work
could you help me ?
medlinux
New php-forum User
New php-forum User
 
Posts: 1
Joined: Mon Aug 22, 2011 9:30 am

Re: a problem with database

Postby NigelRen » Tue Aug 23, 2011 11:31 am

When you say it won't work - what error are you getting? Or is it just returning everything?
NigelRen
php-forum Active User
php-forum Active User
 
Posts: 450
Joined: Fri Aug 05, 2011 9:53 am


Return to Your Scripts

Who is online

Users browsing this forum: Baidu [Spider] and 1 guest

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.