Friday 6 September 2019

How to prevent SQL injection in PHP?

<?php
$con = mysqli_connect("localhost","my_user","my_password","my_db");
// Check connection
if (mysqli_connect_errno()) {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    //unsafe data
    $unsafe_name = mysqli_real_escape_string($con, $_POST['fname']);
    $unsafe_email = mysqli_real_escape_string($con, $_POST['email']); 

    //safe data
    $safe_name = mysqli_real_escape_string($con, $_POST['fname']);
    $safe_email = mysqli_real_escape_string($con, $_POST['email']); 

    $sql = "INSERT INTO my_db (fname, email)  VALUES ('".$safe_name."', '".$safe_email."')";
    if (!mysqli_query($con,$sql)) {
        die('Error: ' . mysqli_error($con));
    }
    echo "1 record added";
    mysqli_close($con);  
}
?>

<form action="" method="post">
    Name: <input type="text" name="fname"><br>
    E-mail: <input type="text" name="email"><br>
    <input type="submit">
</form>
By at No comments:
Labels: , , ,

Thursday 5 September 2019

How to connect to mysqli database in php?


Create connection.php file and include all CRUD operation's file for connect database.

<?php
error_reporting(0);
$DB_HOST = 'localhost';
$DB_USER = 'root';
$DB_PASS = '';
$DB_NAME =  'mysql';
$conn = mysqli_connect($DB_HOST,$DB_USER,$DB_PASS,$DB_NAME);
// Check connection
if (!$conn) {
    echo "Failed to Connect to MySQL: " . mysqli_connect_error();
}else{
    echo "Success Connection to MySQL...!";
}
?>
By at 3 comments:
Labels: , ,

Tuesday 3 September 2019

How to Replace Text of the_content in WordPress

If you want to replace keywords and text in the_content? Add the following code to the functions.php file of your WordPress active theme OR in custom plugin.

<?php
function replace_text($text) {
    $text = str_replace('Have a coupon?', 'Haben Sie einen Gutschein?', $text);
    $text = str_replace('Apply Coupon', 'Gutschein anwenden', $text);
    $text = str_replace('Product', 'Produkt', $text);
    $text = str_replace('Price', 'Preis', $text);
    $text = str_replace('Coupon code', 'Gutschein Code', $text);
    $text = str_replace('Update Cart', 'Warenkorb aktualisieren', $text);
    $text = str_replace('Billing Details', 'Rechnungsdetails', $text);
    $text = str_replace('Additional Information', 'Zusätzliche Informationen', $text);
    $text = str_replace('Your order', 'Ihre Bestellung', $text);
    $text = str_replace('Shipping address', 'Lieferadresse', $text);
   
    return $text;
}
add_filter('the_content', 'replace_text',99);
?>
By at No comments:
Labels:
Subscribe to: Posts (Atom)