Will this protect from mysql injection?


Posted on 16th Feb 2014 07:03 pm by admin

I do not want anything like DROP TABLE to work or any type of coding..

Heres my code.. is it secure? if not, please help:

Code: <?php
mysql_connect('','','');
mysql_select_db('cars');

if(preg_match("/^[ a-zA-Z 0-9 &]+/", $_POST['q'])){

$q = $_POST['q'];

$q = addslashes(mysql_real_escape_string($q));

$result = mysql_query("SELECT * FROM parts WHERE MATCH (`category`,`name`,`description`) AGAINST ('$q' IN BOOLEAN MODE)");

$num_results = mysql_num_rows($result);

echo 'Found '.$num_results.' parts matching '.$q.'.';

if($num_results>0) {

$row['name'] = stripslashes(stripslashes($row['name']));
$row['description'] = stripslashes(stripslashes($row['description']));

echo '<p>'.$row['name'].'</a>
<img src="'.$row['thumbnailurl'].'"><br />'.$row['description'].'<br />'.$row['date'].'</p>';
}
}
else {
echo '<p>Their were 0 results for '.$q.'! Try again?</p>';
}
}
else {
echo '<p>TEXT ONLY PLEASE</p>';
}
?>

No comments posted yet

Your Answer:

Login to answer
146 Like 39 Dislike
Previous forums Next forums
Other forums

Scheduler problems related to execution of a single BLT by many schedules
Hello all,

We are running several MII instances in a distibuted architecture using a sing

image upload, resize THEN submit form
Ok so I have a form that requires the user to upload an image, and then do something with that image

help finding hacking loopholes
i was attacked by a redirect php injection

my pc is clean of viruses

so i figure that

Removing Title From database problem
Hi again ! i am having an issue with updating database. When i update any price of a title it remove

SMTP server...
I recently found a tutorial online on SMTP authentification for sending emails from webpages, here i

IIS & NW MII on the same server
Hi,

We're weighing the possibility to run both IIS and MII (NetWeaver) on the same server

New to mysqli library - Multiple query problem
Greetings,

I am writing a batch program that executes 3 queries on a single page. Using mysql

Page Reload
I am having issues getting a page to reload after I submit data to a database. This form should inp

Need to write a cookie with a url var
Not sure if its possible, but I need to write a cookie with a url.

So this would write 2232 a

Error with Font and imagettfbbox
I keep getting an error that says "Warning: imagettfbbox() [function.imagettfbbox]: Could not f

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash