PHP BLOG - somo la 11: Jinsi ya kutumia prepared statement
Katika somo hili utajifnza jinsi ya kufanya prepared statement kama njia ya kuzuia sql ingection kwenye PHP blog
Ili kuweza kuelewa vyema post hii tafadhali rejea mafunzo yetu ya php level 3 somo la 21 na 22 [1] utajifunza kwa urefu zaidi kuhusu sql injection na jinsi inavyofanya kazi. Kisha ndipo utajifunza jinsi ya kuzuia kwa kutumia prepared statement.
Pia ejea mafunzo haya kwa njia ya video kwenye channel yeu inayopatikana kwa jina la tehama-tz kwa link hii https://youtube.com/@tehama-tz
Hapa chini nitakuletea mafaili yaliyobadilishwa baada ya kyfanyiwa njia hii:
post.php
<html>
<head>
<title>create your post</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<script src="https://cdn.ckeditor.com/4.16.2/standard/ckeditor.js"></script>
<script src="ckeditor.js"></script>
<link rel="stylesheet" href="style.css">
</head>
<body>
<form action="" method="post" enctype="multipart/form-data">
<label for="title">Title</label><br>
<input type="text" name="title" placeholder="write your post title" id="title"><br>
<label for="summary">Summary</label><br>
<input type="text" name="summary" placeholder="write your post summary" id="summary"><br>
<label for="content">content</label><br>
<textarea name="content" id="content" placeholder="wrte your post content"></textarea>
<script>CKEDITOR.replace( 'content' );
</script>
<label for="publisher">publisher</label><br>
<input type="text" name="publisher" placeholder="write your post publisher" id="publisher"><br>
<label for="date">Date</label><br>
<input type="date" name="date" placeholder="write your post date" id="date"><br><br>
<label for="image">upload your image</label>
<input type="file" name="file" accept="image/*" id="image"><br><br>
<input type="submit" name="submit" value="submit">
</form>
<br><br>
</body>
</html>
<?php
include "config.php";
if (isset($_POST['submit'])) {
//start code
// form variables
$title = filter_var($_POST['title'], FILTER_SANITIZE_STRING);
$summary = filter_var($_POST['summary'], FILTER_SANITIZE_STRING);
$content = $_POST['content'];
$publisher = filter_var($_POST['publisher'], FILTER_SANITIZE_STRING);
$date = filter_var($_POST['date'], FILTER_SANITIZE_STRING);
$image = filter_var($_FILES['file']['name'], FILTER_SANITIZE_STRING);
$folder = "upload/";
$location = $_FILES['file']['tmp_name'];
$size = $_FILES['file']['size']; //1024 = 1kb, 1024 kb = 1mb, 1024 = 1 gb 5*1024*1024 = 5242880
$format = ["webp", "jpg", "jpeg", "png"];
$extension = pathinfo($image, PATHINFO_EXTE...
Umeionaje Makala hii.. ?
Share On:
👉1 kitabu cha Simulizi 👉2 Dua za Mitume na Manabii 👉3 ai web app 👉4 Bongolite - Game zone - Play free game 👉5 Sira ya Mtume Muhammad (s.a.w) 👉6 Kitau cha Fiqh
Post zinazofanana:
Faida za kiafya za kula Viazi mbatata
Viazi mbatata ni katika vyakula ambavyo hupatikana karibia dunia yote. Viazi hivi vimekuwa ni lishe kubwa sana. Ila je unajuwa hasa ni faida gani za kiafya hupatikana kwenye viazi hivi?
Soma Zaidi...PHP - somo la 39: Jinsi ya kutengeneza mafaili na mafolda kwenye server kwa kutumia PHP
Katika somo hili utakwenda kujifunza jinsi ya kuzungumza na server ili kutengeneza mafaili, mafolda, kufuta na ku edit kwa kutumia PHP.
Soma Zaidi...PHP - somo la 11: Jinsi ya kutuma tarifa zilizojazwa kwenye form
Katika somo hili utakwenda kujifunza jinsi ya kukusanya taarifa za watumiaji kwa kutumia html form.
Soma Zaidi...PHP somo la 90: Jinsi ya kutumia json data kama blog post
Katika somo hili utaweza kujifunza ni kwa nambna gani utaweza kutengeneza blog post na kuisoma kwa kutumia data za json
Soma Zaidi...PHP BLOG - somo la 10: Jinsi ya kufanya sanitization
Katika somo hili utajifunza jinsi ya kufanya sanitization kwenye user input ili kuzuia sql injection kwenye database.
Soma Zaidi...PHP somo la 54: class constant kwenye php
Katika somo hili utakwenda kujifunza jinsi ya kutumia constatnt kwenye class.
Soma Zaidi...