Katika somo hili utajifnza jinsi ya kufanya prepared statement kama njia ya kuzuia sql ingection kwenye PHP blog
Ili kuweza kuelewa vyema post hii tafadhali rejea mafunzo yetu ya php level 3 somo la 21 na 22 [1] utajifunza kwa urefu zaidi kuhusu sql injection na jinsi inavyofanya kazi. Kisha ndipo utajifunza jinsi ya kuzuia kwa kutumia prepared statement.
Pia ejea mafunzo haya kwa njia ya video kwenye channel yeu inayopatikana kwa jina la tehama-tz kwa link hii https://youtube.com/@tehama-tz
Hapa chini nitakuletea mafaili yaliyobadilishwa baada ya kyfanyiwa njia hii:
post.php
<html>
<head>
<title>create your post</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<script src="https://cdn.ckeditor.com/4.16.2/standard/ckeditor.js"></script>
<script src="ckeditor.js"></script>
<link rel="stylesheet" href="style.css">
</head>
<body>
<form action="" method="post" enctype="multipart/form-data">
<label for="title">Title</label><br>
<input type="text" name="title" placeholder="write your post title" id="title"><br>
<label for="summary">Summary</label><br>
<input type="text" name="summary" placeholder="write your post summary" id="summary"><br>
<label for="content">content</label><br>
<textarea name="content" id="content" placeholder="wrte your post content"></textarea>
<script>CKEDITOR.replace( 'content' );
</script>
<label for="publisher">publisher</label><br>
<input type="text" name="publisher" placeholder="write your post publisher" id="publisher"><br>
<label for="date">Date</label><br>
<input type="date" name="date" placeholder="write your post date" id="date"><br><br>
<label for="image">upload your image</label>
<input type="file" name="file" accept="image/*" id="image"><br><br>
<input type="submit" name="submit" value="submit">
</form>
<br><br>
</body>
</html>
<?php
include "config.php";
if (isset($_POST['submit'])) {
//start code
// form variables
$title = filter_var($_POST['title'], FILTER_SANITIZE_STRING);
$summary = filter_var($_POST['summary'], FILTER_SANITIZE_STRING);
$content = $_POST['content'];
$publisher = filter_var($_POST['publisher'], FILTER_SANITIZE_STRING);
$date = filter_var($_POST['date'], FILTER_SANITIZE_STRING);
$image = filter_var($_FILES['file']['name'], FILTER_SANITIZE_STRING);
$folder = "upload/";
$location = $_FILES['file']['tmp_name'];
$size = $_FILES['file']['size']; //1024 = 1kb, 1024 kb = 1mb, 1024 = 1 gb 5*1024*1024 = 5242880">...
Jifunze zaidi, na wasiliana nasi ukiwa na App yetu. Bofya link hapo chini kuweza kuipakua.
Download NowUmeionaje Makala hii.. ?
Katika somo hili utajifunza jinsi ya kutuma email kwa kutumia email() function ya PHP. Hii ni njia rahisi zaidi ya kutuma email. Ila hufanya kazi kwenye hosting.
Soma Zaidi...Katika somo hili utakwenda kujifunza jinsi ya kutumia database ya sqlite kwa kutumia PHP.
Soma Zaidi...Katika somo hili utajifunza jinsi ya kutumia filter_var() function kwa ajili ya kuchuja code zilizo hatari kwenye PHP file
Soma Zaidi...Katika somo hili utakwenda kujifunz akuchakata data zaidi kw akutumia ORM kama ku join table
Soma Zaidi...Katika somo hili utakwenda kujifunza jinsi ya kusoma data kutoka kwenye database kwa kutumia PHP.
Soma Zaidi...Katika somo hili utajifunza jinsi ya kuandika while loop kwenye PHP
Soma Zaidi...Katika somo hili utajifnza jinsi ya ku upload file kwenye database. Kisha utajifunza jinsi ya kulisoma faili hilo kwa kutumia php
Soma Zaidi...Katika somo hili utakwenda kujifunza jisniya kutuma email kwa kutumia PHPMailer kwenye project ya PHP. Katika somo hili tutakwend akutuma email kwa kutumia localhost.
Soma Zaidi...Faili la env ni moja kati ya mafaili ambayo ni muhimu kwa usalama wa project. Fili hili hutumika kuhifadhi data za siri
Soma Zaidi...hapa utawenda utuma database wa ajl ya utengeneza maudhu ya PDF.
Soma Zaidi...