PHP BLOG - somo la 11: Jinsi ya kutumia prepared statement
Katika somo hili utajifnza jinsi ya kufanya prepared statement kama njia ya kuzuia sql ingection kwenye PHP blog
Ili kuweza kuelewa vyema post hii tafadhali rejea mafunzo yetu ya php level 3 somo la 21 na 22 [1] utajifunza kwa urefu zaidi kuhusu sql injection na jinsi inavyofanya kazi. Kisha ndipo utajifunza jinsi ya kuzuia kwa kutumia prepared statement.
Pia ejea mafunzo haya kwa njia ya video kwenye channel yeu inayopatikana kwa jina la tehama-tz kwa link hii https://youtube.com/@tehama-tz
Hapa chini nitakuletea mafaili yaliyobadilishwa baada ya kyfanyiwa njia hii:
post.php
<html>
<head>
<title>create your post</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<script src="https://cdn.ckeditor.com/4.16.2/standard/ckeditor.js"></script>
<script src="ckeditor.js"></script>
<link rel="stylesheet" href="style.css">
</head>
<body>
<form action="" method="post" enctype="multipart/form-data">
<label for="title">Title</label><br>
<input type="text" name="title" placeholder="write your post title" id="title"><br>
<label for="summary">Summary</label><br>
<input type="text" name="summary" placeholder="write your post summary" id="summary"><br>
<label for="content">content</label><br>
<textarea name="content" id="content" placeholder="wrte your post content"></textarea>
<script>CKEDITOR.replace( 'content' );
</script>
<label for="publisher">publisher</label><br>
<input type="text" name="publisher" placeholder="write your post publisher" id="publisher"><br>
<label for="date">Date</label><br>
<input type="date" name="date" placeholder="write your post date" id="date"><br><br>
<label for="image">upload your image</label>
<input type="file" name="file" accept="image/*" id="image"><br><br>
<input type="submit" name="submit" value="submit">
</form>
<br><br>
</body>
</html>
<?php
include "config.php";
if (isset($_POST['submit'])) {
//start code
// form variables
$title = filter_var($_POST['title'], FILTER_SANITIZE_STRING);
$summary = filter_var($_POST['summary'], FILTER_SANITIZE_STRING);
$content = $_POST['content'];
$publisher = filter_var($_POST['publisher'], FILTER_SANITIZE_STRING);
$date = filter_var($_POST['date'], FILTER_SANITIZE_STRING);
$image = filter_var($_FILES['file']['name'], FILTER_SANITIZE_STRING);
$folder = "upload/";
$location = $_FILES['file']['tmp_name'];
$size = $_FILES['file']['size']; //1024 = 1kb, 1024 kb = 1mb, 1024 = 1 gb 5*1024*1024 = 5242880
$format = ["webp", "jpg", "jpeg", "png"];
$extension = pathinfo($image, PATHINFO_EXTE...
Umeionaje Makala hii.. ?
Share On:
👉1 Bongolite - Game zone - Play free game 👉2 Dua za Mitume na Manabii 👉3 Tafasiri ya Riyadh Swalihina 👉4 Sira ya Mtume Muhammad (s.a.w) 👉5 web hosting 👉6 Kitabu cha Afya
Post zinazofanana:
PHP - somo la 48: Jinsi ya kuzuia hacking kwenye sytem ya kujisajili na ku login
Katika somo hili utajifunza jinsi ambavyo utaweza kutengeneza mfumo wa kuisajiki na ku login, kisha kuangalia usalama wa mfumo kwa kuzuia sql injection.
Soma Zaidi...PHP - somo la 36: Jinsi ya ku upload taarifa za mafaili kwenye database kw akutumia PHP
katika somo hili utajfunza kukusanya taarifa za mafaili. kisha ku upload hayo mafaili. kisha kuandika hizo taarifa za mafaii kwenye database
Soma Zaidi...PHP - somo la 44: Nini cURL na ni yapi matumizi yake?
Katika somo hilibutajifunza maana ya cURL pamoja na matumini yake
Soma Zaidi...PHP somo la 95: Jinsi ya kutengeneza customer ORM
Katika somo hili uttakwend akujifunz ajinsi ambavyo utaweza kutengeneza simple ORM yakwako mwenyewe
Soma Zaidi...PHP somo la 101: Advanced RedBeanPHP - Usimamizi wa Database, Usalama, na Ufanisi
Hili ni somo la mwisho katika mfululizo huu wa ORM, kupata ujuzi zaidi endelea kusoma ORM nyinginezo ambazo nimetangulia kuzitaja awali ya masomo haya.
Soma Zaidi...PHP somola 63: Jinsi ya ku connect database kwa kutumia PDO na faida zake
Katika soo hili utakwenda kujifunza umuhmu wa kutumia PDO kwenye PHP kwa ajili ya kutumia database.
Soma Zaidi...