a problem with database

This is where you share YOUR scripts with others

Moderators: macek, egami, gesf

medlinux
New php-forum User
New php-forum User
Posts: 1
Joined: Mon Aug 22, 2011 9:30 am

a problem with database

Postby medlinux » Mon Aug 22, 2011 9:37 am

hi
I try to use this code in order to avoid injection SQL

Code: Select all

   $reponse = $bdd->prepare("SELECT * FROM Table1 WHERE  Titre LIKE '%?%' OR Auteur LIKE '%?%' OR Editeur LIKE '%?%' ");
   $reponse->execute(array($_POST['book_title'],$_POST['book_author'],$_POST['editor']));

but it wants work
could you help me ?

NigelRen
php-forum Active User
php-forum Active User
Posts: 450
Joined: Fri Aug 05, 2011 9:53 am

Re: a problem with database

Postby NigelRen » Tue Aug 23, 2011 11:31 am

When you say it won't work - what error are you getting? Or is it just returning everything?


Return to “Your Scripts”

Who is online

Users browsing this forum: No registered users and 0 guests