Categories

Category Specific RSS

Escape characters in a MySQL statement

$query = "SELECT * FROM users WHERE username=’" . $username . "’ 
          AND password=’" . $password . "’";
 
// the record exists function is defined elsewhere
if (record_exists($query))
{
echo "Access granted";
}
else
{
echo "Access denied";
}

FacebookTwitterGoogle+PinterestTumblrStumbleUponRedditLinkedInBaiduApp.netBufferDeliciousDiggDiigoWordPressBlogger PostEmailPrintFriendlyShare

Leave a Reply