| Given below is a simple php function to format the input to the database inorder to avoid the SQL injection. function formatInput($str_value){ //function to format strings in a query $str_value = (!get_magic_quotes_gpc()) ? addslashes($str_value) : $str_value; $str_value = trim($str_value); $str_value = ($str_value != "") ? "'" . $str_value . "'" : "NULL"; return $str_value; } | |
| As you can see the function checks whether the magic quote feature of server is on and if not it adds slashes to the single and double quotes. If magic quotes is on the input value t the function will be having the single and double quotes escaped with a backslah. before returning the value, single quotes are appended and prepending to the text. SAMPLE USAGE $myQry=" SELECT * FROM TBL_INVENTORY WHERE PURCHASE_CODE = ".formatInput($purchase_code); | |
Manually submitting website pages to google Usually google crawls website's in a scheduled manner, but some time you may want to tell google about your new page or an important content updation. Insuch cases you can use following methods. Submit URl tool, Sitemap re-submission tool or Fetch as Google tool Each option is explained below:
Comments
Post a Comment