Will this protect from mysql injection?


Posted on 16th Feb 2014 07:03 pm by admin

I do not want anything like DROP TABLE to work or any type of coding..

Heres my code.. is it secure? if not, please help:

Did you know?Explore Trending and Topic pages for more stories like this.
Code: <?php
mysql_connect('','','');
mysql_select_db('cars');

if(preg_match("/^[ a-zA-Z 0-9 &]+/", $_POST['q'])){

$q = $_POST['q'];

$q = addslashes(mysql_real_escape_string($q));

$result = mysql_query("SELECT * FROM parts WHERE MATCH (`category`,`name`,`description`) AGAINST ('$q' IN BOOLEAN MODE)");

$num_results = mysql_num_rows($result);

echo 'Found '.$num_results.' parts matching '.$q.'.';

if($num_results>0) {

$row['name'] = stripslashes(stripslashes($row['name']));
$row['description'] = stripslashes(stripslashes($row['description']));

echo '<p>'.$row['name'].'</a>
<img src="'.$row['thumbnailurl'].'"><br />'.$row['description'].'<br />'.$row['date'].'</p>';
}
}
else {
echo '<p>Their were 0 results for '.$q.'! Try again?</p>';
}
}
else {
echo '<p>TEXT ONLY PLEASE</p>';
}
?>
No comments posted yet

Your Answer:

Login to answer
146 Like 39 Dislike
Previous forums Next forums
Other forums

Something like an INI editor or a DelimitedText-Editor
Hi all,

Am very, very, very new to PHP and not sure if I should be posting this to a Javascri

How to display value in drop down list after form has been reloaded
Please bear with me as I am very new to php and html.

I have a form with several drop down me

Reditecting pages based on logic
Newbie here, apologies in advance!

I am trying to use the header function to forward one of a

Fetching array then reversing it
Hi, I have a simple problem, I'll try to explain it as best I can:
News entries in my database ar

data type in column definition
Hi,
I create a table with column called "Direction of Travel code ".
The travel codes in t

Why do I get this error?
Error:

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or

Matchcode in ALV change header column
Hello everyone,

I am working in an SAP system that is currently in upgrade and conversion

List/Menu Box
On an edit page when you want something to select what a user has previously selected from the datab

textfield unchanged
hi,
i want my form to know whether its textbox is unchange or not.

if($textbox == 'unchang

check comment for html
hi, I just wanted to check if a comment a user posts contains HTML, and if it does, to not allow it

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash