PHP BLOG - somo la 11: Jinsi ya kutumia prepared statement
Katika somo hili utajifnza jinsi ya kufanya prepared statement kama njia ya kuzuia sql ingection kwenye PHP blog
Ili kuweza kuelewa vyema post hii tafadhali rejea mafunzo yetu ya php level 3 somo la 21 na 22 [1] utajifunza kwa urefu zaidi kuhusu sql injection na jinsi inavyofanya kazi. Kisha ndipo utajifunza jinsi ya kuzuia kwa kutumia prepared statement.
Pia ejea mafunzo haya kwa njia ya video kwenye channel yeu inayopatikana kwa jina la tehama-tz kwa link hii https://youtube.com/@tehama-tz
Hapa chini nitakuletea mafaili yaliyobadilishwa baada ya kyfanyiwa njia hii:
post.php
<html>
<head>
<title>create your post</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<script src="https://cdn.ckeditor.com/4.16.2/standard/ckeditor.js"></script>
<script src="ckeditor.js"></script>
<link rel="stylesheet" href="style.css">
</head>
<body>
<form action="" method="post" enctype="multipart/form-data">
<label for="title">Title</label><br>
<input type="text" name="title" placeholder="write your post title" id="title"><br>
<label for="summary">Summary</label><br>
<input type="text" name="summary" placeholder="write your post summary" id="summary"><br>
<label for="content">content</label><br>
<textarea name="content" id="content" placeholder="wrte your post content"></textarea>
<script>CKEDITOR.replace( 'content' );
</script>
<label for="publisher">publisher</label><br>
<input type="text" name="publisher" placeholder="write your post publisher" id="publisher"><br>
<label for="date">Date</label><br>
<input type="date" name="date" placeholder="write your post date" id="date"><br><br>
<label for="image">upload your image</label>
<input type="file" name="file" accept="image/*" id="image"><br><br>
<input type="submit" name="submit" value="submit">
</form>
<br><br>
</body>
</html>
<?php
include "config.php";
if (isset($_POST['submit'])) {
//start code
// form variables
$title = filter_var($_POST['title'], FILTER_SANITIZE_STRING);
$summary = filter_var($_POST['summary'], FILTER_SANITIZE_STRING);
$content = $_POST['content'];
$publisher = filter_var($_POST['publisher'], FILTER_SANITIZE_STRING);
$date = filter_var($_POST['date'], FILTER_SANITIZE_STRING);
$image = filter_var($_FILES['file']['name'], FILTER_SANITIZE_STRING);
$folder = "upload/";
$location = $_FILES['file']['tmp_name'];
$size = $_FILES['file']['size']; //1024 = 1kb, 1024 kb = 1mb, 1024 = 1 gb 5*1024*1024 = 5242880
$format = ["webp", "jpg", "jpeg", "png"];
$extension = pathinfo($image, PATHINFO_EXTE...
Umeionaje Makala hii.. ?
Share On:
👉1 Tafasiri ya Riyadh Swalihina 👉2 Bongolite - Game zone - Play free game 👉3 kitabu cha Simulizi 👉4 Madrasa kiganjani 👉5 Kitabu cha Afya 👉6 ai web app
Post zinazofanana:
PHP - somo la 4: Aina za data zinazotumika kwenye PHP
Katika somo hili utakwenda kujifunza aina za data ambazo hutumika kwenye PHP
Soma Zaidi...PHP somo la 80: Authentication header
Katika somo hili utakwenda kujifunza kuhusu Authentication header, najinsi ya kutuma taarifa hizo na kuzisoma
Soma Zaidi...PHP somo la 87: Jinsi ya kuangalia error wakati wa ku decode na ku encode json data
Katika somo hili utakwenda kujifunza jisni ya kudhibiti error ambazo zinaweza kutokea wakati wa ku encode na ku decoe json data
Soma Zaidi...PHP somo la 86: JInsi ya ku decode json yaani kubadili json kuwa php data kama array ana object
Katika somo hili utakwend akujifunza jinsi ya kubadili json data na kuwaphp array ama php object. Kwa ufupi tunakwend aku decode json data kuwa phparray amaobject
Soma Zaidi...PHP BLOG - somo la 12: Jinsi ya kutumia prepared statement kwenye kusoma post za blog
Katika somo hili tutakwenda kutumia prepared ststement kwenye ku fetch data kutoka kwenye database.
Soma Zaidi...PHP - somo la 48: Jinsi ya kuzuia hacking kwenye sytem ya kujisajili na ku login
Katika somo hili utajifunza jinsi ambavyo utaweza kutengeneza mfumo wa kuisajiki na ku login, kisha kuangalia usalama wa mfumo kwa kuzuia sql injection.
Soma Zaidi...