Advertisement
dimkiriaoks

Untitled

Dec 11th, 2022
916
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 0.46 KB | None | 0 0
  1. city = "'s-Hertogenbosch";
  2.  
  3. /* this query with escaped $city will work */
  4. $query = sprintf("SELECT CountryCode FROM City WHERE name='%s'",
  5.     mysqli_real_escape_string($mysqli, $city));
  6. $resu = mysqli_query($mysqli, $query);
  7. printf("Select returned %d rows.\n", mysqli_num_rows($result));
  8.  
  9. /* this query will fail, because we didn't escape $city */
  10. $query = sprintf("SELECT CountryCode FROM City WHERE name='%s'", $city);
  11. $result = mysqli_query($mysqli, $query);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement