SQL injection в PHP реальный пример
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
$title=$_POST['title']; $genre=$_POST['genre']; $actor=$_POST['actor']; mysqli_query($connect,"INSERT INTO movies(title,genre,actor) VALUES('$title','$genre','$actor')"); if(mysqli_affected_rows($connect) > 0){ echo "<p>Movie Added</p>"; echo "<a href='searchdisplay.php'>Search for movies!</a>"; } else { echo "Movie NOT Added<br />"; echo mysqli_error ($connect); } |