|
#1
|
|||
|
|||
SQL prepared statement for TT
now you can use prepared statements to avoid sql injection for people who still use mysqli instead of PDO.
find and replace the code change following in mysql.class.php PHP Code:
replace the old mysqli procedural to Object Oriented FILE : functions.php PHP Code:
how to use: PHP Code:
default identifier is string,if you like to mention any other identifier like integer. PHP Code:
greetings to people who helped me
__________________
i do custom mods in xbtitfm and torrenttrader for $$, PM me for details. Last edited by JohnHasher; 12th December 2021 at 17:41. |
#2
|
||||
|
||||
we eliminated the need for thisEach()....(thanks to m-jay). You can check github for updates if it helps your project along. Thanks for the code. https://github.com/MicrosoulV3/TorrentTrader-v3. Feel free to help out if you want to, over at torrenttrader.uk. New ideas are always good. Hope you have a good day :)
Quote:
__________________
More torrenttrader stuff at https://torrenttrader.uk Last edited by MicroMonkey; 15th December 2021 at 20:41. |
#3
|
|||
|
|||
yeah sure
__________________
i do custom mods in xbtitfm and torrenttrader for $$, PM me for details. |
#4
|
||||
|
||||
You do know there is a easy of doing this without the above
|
#5
|
|||
|
|||
easy how?
__________________
i do custom mods in xbtitfm and torrenttrader for $$, PM me for details. |
#6
|
|||
|
|||
Explain more please is this so I can start updating to use MYSQLi over MySQL ? little bit confused :P
SQL_Query_exec($GLOBALS["DBconnector"], $query) or mysqli_error(__file__, __line__); |
#7
|
|||
|
|||
SQL_Query_exec(QUERY,PARAMETER,IDENTIFIER);
IF YOU DIDN'T MENTION ANY IDENTIFIER, DEFAULT IS STRING. THIS UPDATE IS FOR PEOPLE WHO USE MYSQLI INSTEAD OF PDO. YOU CAN EITHER USE PREPARED STATEMENTS (FOR COMPLETE PROTECTION AGAINST SQL INJECTION) OR NORMAL QUERY
__________________
i do custom mods in xbtitfm and torrenttrader for $$, PM me for details. |
#8
|
||||
|
||||
Quote:
you will be its not true msqli you do not need this part as well (__file__, __line__); Last edited by xblade; 18th December 2021 at 23:00. |
#9
|
||||
|
||||
ummm, mysqli_error does require that like this for precedural, but feel free to change it to OOP. I think thats what the OP was posting about anyways. I have no idea where bambam got that code from
mysqli_error($GLOBALS["DBconnector"])
__________________
More torrenttrader stuff at https://torrenttrader.uk Last edited by MicroMonkey; 19th December 2021 at 21:48. |
|
|