Script Clean SQL Injection pada MySQL - PHP
Script Clean SQL Injection pada MySQL - PHP
<?php
$link = mysql_connect('localhost', 'root', '');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
$vname=clean($_POST['vname']);
$vtitle=clean($_POST['vtitle']);
echo $vname . $vtitle;
function clean($str)
{
$str = @trim($str);
if(get_magic_quotes_gpc())
{
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
mysql_close($link);
?>