PHP BLOG - somo la 11: Jinsi ya kutumia prepared statement
Katika somo hili utajifnza jinsi ya kufanya prepared statement kama njia ya kuzuia sql ingection kwenye PHP blog
Ili kuweza kuelewa vyema post hii tafadhali rejea mafunzo yetu ya php level 3 somo la 21 na 22 [1] utajifunza kwa urefu zaidi kuhusu sql injection na jinsi inavyofanya kazi. Kisha ndipo utajifunza jinsi ya kuzuia kwa kutumia prepared statement.
Pia ejea mafunzo haya kwa njia ya video kwenye channel yeu inayopatikana kwa jina la tehama-tz kwa link hii https://youtube.com/@tehama-tz
Hapa chini nitakuletea mafaili yaliyobadilishwa baada ya kyfanyiwa njia hii:
post.php
<html>
<head>
<title>create your post</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<script src="https://cdn.ckeditor.com/4.16.2/standard/ckeditor.js"></script>
<script src="ckeditor.js"></script>
<link rel="stylesheet" href="style.css">
</head>
<body>
<form action="" method="post" enctype="multipart/form-data">
<label for="title">Title</label><br>
<input type="text" name="title" placeholder="write your post title" id="title"><br>
<label for="summary">Summary</label><br>
<input type="text" name="summary" placeholder="write your post summary" id="summary"><br>
<label for="content">content</label><br>
<textarea name="content" id="content" placeholder="wrte your post content"></textarea>
<script>CKEDITOR.replace( 'content' );
</script>
<label for="publisher">publisher</label><br>
<input type="text" name="publisher" placeholder="write your post publisher" id="publisher"><br>
<label for="date">Date</label><br>
<input type="date" name="date" placeholder="write your post date" id="date"><br><br>
<label for="image">upload your image</label>
<input type="file" name="file" accept="image/*" id="image"><br><br>
<input type="submit" name="submit" value="submit">
</form>
<br><br>
</body>
</html>
<?php
include "config.php";
if (isset($_POST['submit'])) {
//start code
// form variables
$title = filter_var($_POST['title'], FILTER_SANITIZE_STRING);
$summary = filter_var($_POST['summary'], FILTER_SANITIZE_STRING);
$content = $_POST['content'];
$publisher = filter_var($_POST['publisher'], FILTER_SANITIZE_STRING);
$date = filter_var($_POST['date'], FILTER_SANITIZE_STRING);
$image = filter_var($_FILES['file']['name'], FILTER_SANITIZE_STRING);
$folder = "upload/";
$location = $_FILES['file']['tmp_name'];
$size = $_FILES['file']['size']; //1024 = 1kb, 1024 kb = 1mb, 1024 = 1 gb 5*1024*1024 = 5242880
$format = ["webp", "jpg", "jpeg", "png"];
$extension = pathinfo($image, PATHINFO_EXTE...
Umeionaje Makala hii.. ?
Share On:
👉1 Bongolite - Game zone - Play free game 👉2 web hosting 👉3 Kitabu cha Afya 👉4 Madrasa kiganjani 👉5 kitabu cha Simulizi 👉6 Dua za Mitume na Manabii
Post zinazofanana:
PHP somo la 90: Jinsi ya kutumia json data kama blog post
Katika somo hili utaweza kujifunza ni kwa nambna gani utaweza kutengeneza blog post na kuisoma kwa kutumia data za json
Soma Zaidi...Jinsi ya kutuma Email kwa kutumia PHP
Katika post hii utakwenda kujifunza jinsi ya kutuma email kwa kutumia php function ya email()
Soma Zaidi...PHP somo la 66: Jinsi ya ku edit data na kufuta kwenye database kwa kutumia PDO
Katika somo hili utakwenda kujifunza jinsi jinsi ya ku edit ama ku update data na kuzifuta kwenye database kwa kutumia PDO
Soma Zaidi...PHP - 9: Jinsi ya kuandika array kwenye PHP na kuzifanyia kazi
Katika somo hili tutakwenda kujifunza kuhusu array kwenye php, na jinsi zinavyoweza kufanya kazi
Soma Zaidi...PHP somo la 89: Jinsi ya kutumia data za json kwenye program ya php na html
Katika somo hili utakwend akujifunza ni kwa namna gani utaweza kuzitumiadata za jsonkwenye program yako
Soma Zaidi...PHP - somo la 3: Maana ya variable na inavyoandika kwenye PHP
Katika somo hili utakwenda kujifunza kujusu PHP variable, maana yake na sheria za uandishi wa variable
Soma Zaidi...