Jump to content

How to escape Ajax Request in PHP


Go to solution Solved by Barand,

Recommended Posts

<?php
include($_SERVER['DOCUMENT_ROOT']."/ext/inc/header.php");
$q = $_REQUEST["q"];
$username = mysqli_real_escape_string($conn, $q);
//echo $username."test<Br>";
echo $q;

mysqli_close($conn);
?>

$q is the string that is being typed in an input box on another page.

 

$username wont echo but $q will.

how to escape $q so i can use it in database quires? 

Edited by kwame123
Link to comment
https://forums.phpfreaks.com/topic/305207-how-to-escape-ajax-request-in-php/
Share on other sites

  • Solution

Perhaps it doesn't echo because you commented out the line.

 

Don't escape the variable, use prepared statements instead, binding the variable as a parameter.

 

EDIT: BTW, PDO makes it a lot easier than mysqli

Edited by Barand

Perhaps it doesn't echo because you commented out the line.

 

Don't escape the variable, use prepared statements instead, binding the variable as a parameter

i commented out the line because the line didnt work.

 

and okay i will look into it

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.