mysql_real_escape_string() example:
<?php // Connect $db_con=mysqli_connect("localhost","my_user","my_password","my_db") OR die(mysqli_error()); // escape variables for security $username = mysqli_real_escape_string($db_con, $_POST['username']); // Query mysqli_query($db_con,"INSERT INTO Persons (FirstName, LastName, Age)VALUES ('$firstname', '$lastname', '$age')"); ?>
Question and answer is powered by AnsPress.io