PHP-SQL/php7-mysql-data
1
0
Fork 0
mirror of https://github.com/janunger/rheinwerk-video-training.git synced 2026-02-05 22:55:14 +01:00
Code Issues Releases Wiki Activity

Initiale Version

Browse Source
This commit is contained in:
Jan Unger
2016-08-16 21:20:53 +02:00
commit 88cf71d772
10930 changed files with 1708903 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Kapitel_8/Lektion_3/injections.php Normal file
View File

@@ -0,0 +1,11 @@
<?php
$pdo = new PDO('...');
$benutzername = $_POST['benutzername'];
// FALSCH!!!
$pdo->query("SELECT * FROM benutzer WHERE benutzername = '$benutzername'");
// Richtig
$statement = $pdo->prepare("SELECT * FROM benutzer WHERE benutzername = :benutzername");
$statement->execute(['benutzername' => $benutzername]);