PHP BLOG - somo la 11: Jinsi ya kutumia prepared statement
Katika somo hili utajifnza jinsi ya kufanya prepared statement kama njia ya kuzuia sql ingection kwenye PHP blog
Ili kuweza kuelewa vyema post hii tafadhali rejea mafunzo yetu ya php level 3 somo la 21 na 22 [1] utajifunza kwa urefu zaidi kuhusu sql injection na jinsi inavyofanya kazi. Kisha ndipo utajifunza jinsi ya kuzuia kwa kutumia prepared statement.
Pia ejea mafunzo haya kwa njia ya video kwenye channel yeu inayopatikana kwa jina la tehama-tz kwa link hii https://youtube.com/@tehama-tz
Hapa chini nitakuletea mafaili yaliyobadilishwa baada ya kyfanyiwa njia hii:
post.php
<html>
<head>
<title>create your post</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<script src="https://cdn.ckeditor.com/4.16.2/standard/ckeditor.js"></script>
<script src="ckeditor.js"></script>
<link rel="stylesheet" href="style.css">
</head>
<body>
<form action="" method="post" enctype="multipart/form-data">
<label for="title">Title</label><br>
<input type="text" name="title" placeholder="write your post title" id="title"><br>
<label for="summary">Summary</label><br>
<input type="text" name="summary" placeholder="write your post summary" id="summary"><br>
<label for="content">content</label><br>
<textarea name="content" id="content" placeholder="wrte your post content"></textarea>
<script>CKEDITOR.replace( 'content' );
</script>
<label for="publisher">publisher</label><br>
<input type="text" name="publisher" placeholder="write your post publisher" id="publisher"><br>
<label for="date">Date</label><br>
<input type="date" name="date" placeholder="write your post date" id="date"><br><br>
<label for="image">upload your image</label>
<input type="file" name="file" accept="image/*" id="image"><br><br>
<input type="submit" name="submit" value="submit">
</form>
<br><br>
</body>
</html>
<?php
include "config.php";
if (isset($_POST['submit'])) {
//start code
// form variables
$title = filter_var($_POST['title'], FILTER_SANITIZE_STRING);
$summary = filter_var($_POST['summary'], FILTER_SANITIZE_STRING);
$content = $_POST['content'];
$publisher = filter_var($_POST['publisher'], FILTER_SANITIZE_STRING);
$date = filter_var($_POST['date'], FILTER_SANITIZE_STRING);
$image = filter_var($_FILES['file']['name'], FILTER_SANITIZE_STRING);
$folder = "upload/";
$location = $_FILES['file']['tmp_name'];
$size = $_FILES['file']['size']; //1024 = 1kb, 1024 kb = 1mb, 1024 = 1 gb 5*1024*1024 = 5242880
$format = ["webp", "jpg", "jpeg", "png"];
$extension = pathinfo($image, PATHINFO_EXTE...
Umeionaje Makala hii.. ?
Share On:
👉1 web hosting 👉2 Kitabu cha Afya 👉3 Kitau cha Fiqh 👉4 kitabu cha Simulizi 👉5 Madrasa kiganjani 👉6 Bongolite - Game zone - Play free game
Post zinazofanana:
PHP - somo la 3: Maana ya variable na inavyoandika kwenye PHP
Katika somo hili utakwenda kujifunza kujusu PHP variable, maana yake na sheria za uandishi wa variable
Soma Zaidi...PHP - somo la 12: Jinsi ya kufanyia kazi taarifa zilizokusanywa kutoka kwa mtumiaji
Katika somo hili utakwenda kujifunza jinsi ya kutumia taarifa ambazo zimekusanywa kutoka kwa mtumiaji ili kuweka kutatuwa hoja mbalimbali
Soma Zaidi...PHP BLOG - somo la 10: Jinsi ya kufanya sanitization
Katika somo hili utajifunza jinsi ya kufanya sanitization kwenye user input ili kuzuia sql injection kwenye database.
Soma Zaidi...PHP - somo la 24: Jinsi ya ku upload file kwenye database na kulisoma kw akutumia php
Katika somo hili utajifnza jinsi ya ku upload file kwenye database. Kisha utajifunza jinsi ya kulisoma faili hilo kwa kutumia php
Soma Zaidi...PHP BLOG - somo la 8: Jinsi ya kufuta post kwenye database
katika post hii utajifunza jinsi ya kufuta post kwenye database. pia utajifunza jinsi ya kufuta picha kwenye server
Soma Zaidi...PHP - somo la 2: sheria za uandishi wa code za PHP
Katika somo hili utajifunza kuhusu syntax za PHP
Soma Zaidi...