Re: PS Re: GUI designer in html [message #182458 is a reply to message #182453] |
Mon, 05 August 2013 04:41 |
J.O. Aho
Messages: 194 Registered: September 2010
On 05/08/13 02:59, Norman Peelman wrote:
> On 08/04/2013 01:09 PM, J.O. Aho wrote:
>> Rule one, always validate user input, no matter if it's always your
>> mother who does the input, one day she may just try to see what happens
>> if she enters "'; drop database youdatabase; #" as input and as you
>> never have a backup of the database, you lost everything.
>>
>>
>
> That's only if you go out of your way to enable multiple statements
> by using 'mysqli_multi_query()', which doesn't support prepared
> statements. By default mysqli_query() and mysqli_real_query() do not
> allow multiple queries separated by semi-colons.
>
> http://us2.php.net/manual/en/mysqli.quickstart.multiple-statement.php
Unless something changed, mysqli_query supports multiple statements, but
the return value does not support giving you the results from all the
queries; I think it returned the last one.
--
//Aho
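
The single-statement versus multi-statement question debated above, as an added example that is not code from either poster: whichever way it falls for a given driver, a one-statement limit only blocks stacked queries, while bound parameters stop the injection itself. It assumes Python's sqlite3 as an offline stand-in for mysqli, with `execute()` as the single-statement call and `executescript()` in the role of a multi-statement call such as `mysqli_multi_query()`; the table, function names and input strings are constructed.

```python
import sqlite3

# Constructed hostile inputs, same shape as the one quoted in the thread.
STACKED = "x'; DROP TABLE users; SELECT '"
TAUTOLOGY = "x' OR '1'='1"

def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        "CREATE TABLE users(name TEXT, secret TEXT);"
        "INSERT INTO users VALUES('alice','a1'),('bob','b2');")
    return db

def table_exists(db):
    sql = "SELECT count(*) FROM sqlite_master WHERE type='table' AND name='users'"
    return db.execute(sql).fetchone()[0] == 1

def lookup_concat(db, name):
    # Vulnerable 'before': input is pasted into the SQL text.
    # execute() accepts exactly one statement.
    sql = "SELECT secret FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def lookup_concat_multi(db, name):
    # Vulnerable and multi-statement: executescript() runs every statement.
    db.executescript("SELECT secret FROM users WHERE name = '" + name + "'")

def lookup_bound(db, name):
    # Hardened 'after': the value is a bound parameter, never SQL text.
    sql = "SELECT secret FROM users WHERE name = ?"
    return db.execute(sql, (name,)).fetchall()

def stacked_rejected(db):
    """True if the single-statement call refuses the stacked input."""
    try:
        lookup_concat(db, STACKED)
    except (sqlite3.Warning, sqlite3.ProgrammingError):
        return True  # exception class differs between Python versions
    return False

if __name__ == "__main__":
    db = make_db()
    print("stacked input rejected by execute():", stacked_rejected(db))
    print("rows leaked by tautology, concatenated:", lookup_concat(db, TAUTOLOGY))
    print("rows returned by tautology, bound:", lookup_bound(db, TAUTOLOGY))
    lookup_concat_multi(db, STACKED)
    print("table survives multi-statement call:", table_exists(db))
```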