我無法理解如何消毒PHP對SQL注入,並希望有人會好心地給我解釋一下爲了使我的代碼安全,我需要在這裏更改什麼?
<?php
$dbConnection = mysqli_connect('****', '****', '****', 'db');
$query = "INSERT INTO `table` (`1`, `2`, `3`) VALUES ('$_POST[1]', '$_POST[2]', '$_POST[3]')";
if (mysqli_query($dbConnection, $query)) {
echo "Successfully inserted " . mysqli_affected_rows($dbConnection) . " row";
} else {
echo "Error occurred: " . mysqli_error($dbConnection);
}
?>
非常感謝你:) – kadeshiseraph