Jump to content

PHP MySQL Injection threat.


jamesmiddz

Recommended Posts

Hi, can anyone tell me how I could prevent data injection into the following code?

<?php
include("connect.php");
$name = $_POST['name'];
$address = $_POST['address'];
$tel = $_POST['tel'];

$query = "INSERT INTO people (id, name, address, tel)
VALUES ('', '$name', '$address', '$tel')";

$results = mysql_query($query) or die
("Could not execute query : $query." . mysql_error());

if ($results)
{
echo "Details added.";
}
?>

James
Link to comment
https://forums.phpfreaks.com/topic/20727-php-mysql-injection-threat/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.