php-mysql-防止sql注入

1.防止sql注入-预准备

$qSelect = $DBH->prepare("SELECT * FROM users WHERE username = ?");
$qSelect->bind_param("s", $username);
}

$PDO->prepare(

"SELECT * FROM users WHERE username = ?"

"SELECT * FROM users WHERE username = :username"

);
 $pdo->execute([1]);

$pdo->execute(['

:username=>1

']);

posted @ 2021-03-04 17:01 努力不搬砖的iori 阅读(50) 评论(0) 编辑收藏举报

刷新页面返回顶部