PHP BLOG - somo la 11: Jinsi ya kutumia prepared statement
Katika somo hili utajifnza jinsi ya kufanya prepared statement kama njia ya kuzuia sql ingection kwenye PHP blog
Ili kuweza kuelewa vyema post hii tafadhali rejea mafunzo yetu ya php level 3 somo la 21 na 22 [1] utajifunza kwa urefu zaidi kuhusu sql injection na jinsi inavyofanya kazi. Kisha ndipo utajifunza jinsi ya kuzuia kwa kutumia prepared statement.
Pia ejea mafunzo haya kwa njia ya video kwenye channel yeu inayopatikana kwa jina la tehama-tz kwa link hii https://youtube.com/@tehama-tz
Hapa chini nitakuletea mafaili yaliyobadilishwa baada ya kyfanyiwa njia hii:
post.php
<html>
<head>
<title>create your post</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<script src="https://cdn.ckeditor.com/4.16.2/standard/ckeditor.js"></script>
<script src="ckeditor.js"></script>
<link rel="stylesheet" href="style.css">
</head>
<body>
<form action="" method="post" enctype="multipart/form-data">
<label for="title">Title</label><br>
<input type="text" name="title" placeholder="write your post title" id="title"><br>
<label for="summary">Summary</label><br>
<input type="text" name="summary" placeholder="write your post summary" id="summary"><br>
<label for="content">content</label><br>
<textarea name="content" id="content" placeholder="wrte your post content"></textarea>
<script>CKEDITOR.replace( 'content' );
</script>
<label for="publisher">publisher</label><br>
<input type="text" name="publisher" placeholder="write your post publisher" id="publisher"><br>
<label for="date">Date</label><br>
<input type="date" name="date" placeholder="write your post date" id="date"><br><br>
<label for="image">upload your image</label>
<input type="file" name="file" accept="image/*" id="image"><br><br>
<input type="submit" name="submit" value="submit">
</form>
<br><br>
</body>
</html>
<?php
include "config.php";
if (isset($_POST['submit'])) {
//start code
// form variables
$title = filter_var($_POST['title'], FILTER_SANITIZE_STRING);
$summary = filter_var($_POST['summary'], FILTER_SANITIZE_STRING);
$content = $_POST['content'];
$publisher = filter_var($_POST['publisher'], FILTER_SANITIZE_STRING);
$date = filter_var($_POST['date'], FILTER_SANITIZE_STRING);
$image = filter_var($_FILES['file']['name'], FILTER_SANITIZE_STRING);
$folder = "upload/";
$location = $_FILES['file']['tmp_name'];
$size = $_FILES['file']['size']; //1024 = 1kb, 1024 kb = 1mb, 1024 = 1 gb 5*1024*1024 = 5242880
$format = ["webp", "jpg", "jpeg", "png"];
$extension = pathinfo($image, PATHINFO_EXTE...
Umeionaje Makala hii.. ?
Share On:
👉1 Sira ya Mtume Muhammad (s.a.w) 👉2 kitabu cha Simulizi 👉3 Bongolite - Game zone - Play free game 👉4 Tafasiri ya Riyadh Swalihina 👉5 Kitabu cha Afya 👉6 web hosting
Post zinazofanana:
PHP - somo la 23: Jinsi ya kutumia condition statement kwenye database kwa kutumia PHP
Katika somo hili utakwenda kuona namna ya kutuia if else kwenye data zilizopo kwenye database kwa kutumia PHP
Soma Zaidi...PHP somo la 80: Authentication header
Katika somo hili utakwenda kujifunza kuhusu Authentication header, najinsi ya kutuma taarifa hizo na kuzisoma
Soma Zaidi...PHP BLOG - somo la 8: Jinsi ya kufuta post kwenye database
katika post hii utajifunza jinsi ya kufuta post kwenye database. pia utajifunza jinsi ya kufuta picha kwenye server
Soma Zaidi...PHP somo la 59: static property kwenye PHP
Katika somo hili utakwend kujifunza kuhusu static property na jnsi inavyotumika
Soma Zaidi...PHP somo la 98: Library za PHP ambazo unaweza kutumia ORM
Somo hili litakwenda kukutajia baadhi ya library za php ambazo hutumika kwa matumizi ya ORM
Soma Zaidi...PHP somo la 67: Project ya CUDE operaton wa utuma OOP na PDO
Katika somo hii utakwenda kujifunza jinsi ya kufanya CRUDE operation kwa kutumia PDO. crude operation inahusu create, read, update. Delete.
Soma Zaidi...