PHP BLOG - somo la 11: Jinsi ya kutumia prepared statement
Katika somo hili utajifnza jinsi ya kufanya prepared statement kama njia ya kuzuia sql ingection kwenye PHP blog
Ili kuweza kuelewa vyema post hii tafadhali rejea mafunzo yetu ya php level 3 somo la 21 na 22 [1] utajifunza kwa urefu zaidi kuhusu sql injection na jinsi inavyofanya kazi. Kisha ndipo utajifunza jinsi ya kuzuia kwa kutumia prepared statement.
Pia ejea mafunzo haya kwa njia ya video kwenye channel yeu inayopatikana kwa jina la tehama-tz kwa link hii https://youtube.com/@tehama-tz
Hapa chini nitakuletea mafaili yaliyobadilishwa baada ya kyfanyiwa njia hii:
post.php
<html>
<head>
<title>create your post</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<script src="https://cdn.ckeditor.com/4.16.2/standard/ckeditor.js"></script>
<script src="ckeditor.js"></script>
<link rel="stylesheet" href="style.css">
</head>
<body>
<form action="" method="post" enctype="multipart/form-data">
<label for="title">Title</label><br>
<input type="text" name="title" placeholder="write your post title" id="title"><br>
<label for="summary">Summary</label><br>
<input type="text" name="summary" placeholder="write your post summary" id="summary"><br>
<label for="content">content</label><br>
<textarea name="content" id="content" placeholder="wrte your post content"></textarea>
<script>CKEDITOR.replace( 'content' );
</script>
<label for="publisher">publisher</label><br>
<input type="text" name="publisher" placeholder="write your post publisher" id="publisher"><br>
<label for="date">Date</label><br>
<input type="date" name="date" placeholder="write your post date" id="date"><br><br>
<label for="image">upload your image</label>
<input type="file" name="file" accept="image/*" id="image"><br><br>
<input type="submit" name="submit" value="submit">
</form>
<br><br>
</body>
</html>
<?php
include "config.php";
if (isset($_POST['submit'])) {
//start code
// form variables
$title = filter_var($_POST['title'], FILTER_SANITIZE_STRING);
$summary = filter_var($_POST['summary'], FILTER_SANITIZE_STRING);
$content = $_POST['content'];
$publisher = filter_var($_POST['publisher'], FILTER_SANITIZE_STRING);
$date = filter_var($_POST['date'], FILTER_SANITIZE_STRING);
$image = filter_var($_FILES['file']['name'], FILTER_SANITIZE_STRING);
$folder = "upload/";
$location = $_FILES['file']['tmp_name'];
$size = $_FILES['file']['size']; //1024 = 1kb, 1024 kb = 1mb, 1024 = 1 gb 5*1024*1024 = 5242880
$format = ["webp", "jpg", "jpeg", "png"];
$extension = pathinfo($image, PATHINFO_EXTE...
Umeionaje Makala hii.. ?
Share On:
👉1 Kitau cha Fiqh 👉2 Tafasiri ya Riyadh Swalihina 👉3 kitabu cha Simulizi 👉4 Dua za Mitume na Manabii 👉5 Simulizi za Hadithi Audio 👉6 web hosting
Post zinazofanana:
PHP - somo la 16: Jinsi ya kufuta tabale na database kwa kutumia php
Katika somo hili utajifunza jinsi ya kufuta table ya databse kwa kutumia PHP. Pia utajifunza jinsi ya kututa database yeto
Soma Zaidi...PHP somo la 91: Mambo ya kuzingatia unapokuwa unashughulika na data za json
Haya ni mabo ya kuzingatia unapo encode ama ku decode data za json
Soma Zaidi...PHP - somo la 14: Jinsi ya kutengeneza database kwa kutumia PHP
Katika somo hili utakwenda kujifunza jinsi ya kutumia PHP kutengeneza database kwenye mysql database.
Soma Zaidi...PHP somo la 101: Advanced RedBeanPHP - Usimamizi wa Database, Usalama, na Ufanisi
Hili ni somo la mwisho katika mfululizo huu wa ORM, kupata ujuzi zaidi endelea kusoma ORM nyinginezo ambazo nimetangulia kuzitaja awali ya masomo haya.
Soma Zaidi...PHP - somo la 18: Jinsi ya kusoma data kutoka kwenye database kwa kutumia PHP
Katika somo hili utakwenda kujifunza jinsi ya kusoma data kutoka kwenye database kwa kutumia PHP.
Soma Zaidi...PHP somo la 49: utangulizi wa Object Oriented Programming katika PHP
Huu ni mwendelezo wa mafunzo ya PHP na hapa tunaaza rasmi advanced PHP. tutakwenda kuingia ndani zaidi kwenye PHP. Ni vyema kabla ya kuanza course hii ya advanced PHP uwe una uelewa wa kutosha kuhusu mafunzo yetu ya PHP.
Soma Zaidi...