PHP BLOG - somo la 11: Jinsi ya kutumia prepared statement
Katika somo hili utajifnza jinsi ya kufanya prepared statement kama njia ya kuzuia sql ingection kwenye PHP blog
Ili kuweza kuelewa vyema post hii tafadhali rejea mafunzo yetu ya php level 3 somo la 21 na 22 [1] utajifunza kwa urefu zaidi kuhusu sql injection na jinsi inavyofanya kazi. Kisha ndipo utajifunza jinsi ya kuzuia kwa kutumia prepared statement.
Pia ejea mafunzo haya kwa njia ya video kwenye channel yeu inayopatikana kwa jina la tehama-tz kwa link hii https://youtube.com/@tehama-tz
Hapa chini nitakuletea mafaili yaliyobadilishwa baada ya kyfanyiwa njia hii:
post.php
<html>
<head>
<title>create your post</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<script src="https://cdn.ckeditor.com/4.16.2/standard/ckeditor.js"></script>
<script src="ckeditor.js"></script>
<link rel="stylesheet" href="style.css">
</head>
<body>
<form action="" method="post" enctype="multipart/form-data">
<label for="title">Title</label><br>
<input type="text" name="title" placeholder="write your post title" id="title"><br>
<label for="summary">Summary</label><br>
<input type="text" name="summary" placeholder="write your post summary" id="summary"><br>
<label for="content">content</label><br>
<textarea name="content" id="content" placeholder="wrte your post content"></textarea>
<script>CKEDITOR.replace( 'content' );
</script>
<label for="publisher">publisher</label><br>
<input type="text" name="publisher" placeholder="write your post publisher" id="publisher"><br>
<label for="date">Date</label><br>
<input type="date" name="date" placeholder="write your post date" id="date"><br><br>
<label for="image">upload your image</label>
<input type="file" name="file" accept="image/*" id="image"><br><br>
<input type="submit" name="submit" value="submit">
</form>
<br><br>
</body>
</html>
<?php
include "config.php";
if (isset($_POST['submit'])) {
//start code
// form variables
$title = filter_var($_POST['title'], FILTER_SANITIZE_STRING);
$summary = filter_var($_POST['summary'], FILTER_SANITIZE_STRING);
$content = $_POST['content'];
$publisher = filter_var($_POST['publisher'], FILTER_SANITIZE_STRING);
$date = filter_var($_POST['date'], FILTER_SANITIZE_STRING);
$image = filter_var($_FILES['file']['name'], FILTER_SANITIZE_STRING);
$folder = "upload/";
$location = $_FILES['file']['tmp_name'];
$size = $_FILES['file']['size']; //1024 = 1kb, 1024 kb = 1mb, 1024 = 1 gb 5*1024*1024 = 5242880
$format = ["webp", "jpg", "jpeg", "png"];
$extension = pathinfo($image, PATHINFO_EXTE...
Umeionaje Makala hii.. ?
Share On:
👉1 kitabu cha Simulizi 👉2 Madrasa kiganjani 👉3 Kitabu cha Afya 👉4 Simulizi za Hadithi Audio 👉5 Dua za Mitume na Manabii 👉6 Kitau cha Fiqh
Post zinazofanana:
PHP BLOG - somo la 1: Utangulizi na jinsi ya kuandaa kwa ajili ya somo
Katika course hii utakwenda kujifundisha jinsi ya lutengeneza blog kutoka mwanzo hadi mwisho.
Soma Zaidi...PHP - somo la 10: Jinsi ya kundika condition statement if, ifelse na switch case
Katika somo hili utakwenda kujifunza kuhusu condition statements if, ifelse na switch case. Hata utajifunza jnsi ya kuziandika na zinavyofanya kazi
Soma Zaidi...PHP somo la 79: Custom header
Katika somo hili utakwenda kuhifunza kuhusu Custom header na aina zake
Soma Zaidi...PHP somo la 100: Jinsi ya kutumia sql moja kwa moja kwenye ORM ya RedBeanPHP
Katika somo hili utakwend akujifunz ajinsi ya kuandika query ndani ya ORM. Hii inakupa uhuru wa kufanya kileunachotaka bila ya kuathiri usalama wa project
Soma Zaidi...PHP - somo la 23: Jinsi ya kutumia condition statement kwenye database kwa kutumia PHP
Katika somo hili utakwenda kuona namna ya kutuia if else kwenye data zilizopo kwenye database kwa kutumia PHP
Soma Zaidi...PHP somo la 82: Content-Disposition
Katika somo hili utakwenda kujifunza kuhusu aina ya header inayoitwa Content-Disposition
Soma Zaidi...