nazimboudeffa / chaudoudoux-app-php

Nannies and Families
https://chaudoudoux.app

SQL injection #1

Open enzoangu opened 2 years ago

enzoangu commented 2 years ago

" and 1 == 1

nazimboudeffa commented 2 years ago

How to fix it? This way?

<?php
// Replace single and double quotes in $str with their HTML entities.
function BlockSQLInjection($str)
{
    return str_replace(array("'", "\"", "'", '"'), array("&#39;", "&quot;", "&#39;", "&quot;"), $str);
}
?>

Then

<?php
$userName=BlockSQLInjection($_POST['userName']);
$password=BlockSQLInjection($_POST['password']);
?>
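
For comparison with the quote-replacement approach asked about above, here is a login lookup that uses PDO prepared statements and `password_verify`. It is an added example, not part of the thread or the project's code; the `users` table, its columns and the helper names are assumptions, and an in-memory SQLite database stands in for the real one.

```php
<?php
// Added example. The `users` table, its columns, openDemoDb() and
// checkLogin() are hypothetical; SQLite in memory replaces the real database.

function openDemoDb(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (
        user_name     TEXT PRIMARY KEY,
        password_hash TEXT NOT NULL
    )');
    // Store a salted hash, never the password itself.
    $ins = $pdo->prepare('INSERT INTO users (user_name, password_hash) VALUES (:u, :h)');
    $ins->execute([':u' => 'alice', ':h' => password_hash('correct horse', PASSWORD_DEFAULT)]);
    return $pdo;
}

function checkLogin(PDO $pdo, string $userName, string $password): bool
{
    // The SQL text is fixed; user input travels only as a bound value,
    // so quotes in it are data and cannot change the query structure.
    $stmt = $pdo->prepare('SELECT password_hash FROM users WHERE user_name = :u');
    $stmt->execute([':u' => $userName]);
    $hash = $stmt->fetchColumn();
    // Compare against the stored hash instead of placing the password in SQL.
    return is_string($hash) && password_verify($password, $hash);
}

$pdo = openDemoDb();

// Constructed sample inputs (in the application these would come from $_POST),
// including the string reported in this issue.
$cases = [
    ['alice', 'correct horse'],
    ['alice', 'wrong'],
    ['" and 1 == 1', 'anything'],
    ["o'brien", 'anything'],
];

foreach ($cases as [$u, $p]) {
    printf("%-16s => %s\n", $u, checkLogin($pdo, $u, $p) ? 'accepted' : 'rejected');
}
```

Only the first case is accepted; the inputs containing quotes are looked up as literal user names and rejected, with no character replacement needed.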