mysql - PHP link security -
i've newssystem link index.php?article=news&id=10
, work comments mysqli_query($db, "select * news_comments news_id = '10'");
but when change link example index.php?article=news&id=10=asd
comments not there, because added asd
@ end.
can me?
you'll need ensure value of "id" integer.
not sure code looks like, like:
$id = intval($_get['id']); mysqli_query($db, "select * news_comments news_id = '$id'");
you sanitizing input correct?
Comments
Post a Comment