1
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 1 year has passed since last update.

マーカーをバインドしてSQLインジェクション対策

Posted at

PHPにてSQL INSERT文を実行するにあたりSQLインジェクション対策を行うために。
SQLクエリを作成。VALUES()の中の値はマーカー'?'とする・・・①
Prepared statementに作成したクエリを登録。・・・②
作成したマーカーにパラメータをバインドする。・・・③

<?php
$player = "AJ"
$statement = $mysqli->prepare("INSERT INTO team (player) VALUES (?)");  //①、②
$statement->bind_param("s", $player); //③
?>
1
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
1
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?