ROCKS MY WORLD: 2013

Monday, January 7, 2013

Use of Addslashes and Stripslashes Function in PHP

introduction
The addslashes() function is used to add backslashes [\] to data submitted from your forms. This keeps the input MySQL (and other coding languages) friendly. What this means is that addslashes() would change:
I'm Vinod
to:
I\'m Vinod
This function controls SQL injection; in other words you pass a special character, for example:
Addslashes function in php.jpg

$fname = $_POST[fname];
$sql="insert into user(fname) value($fname)";
x=(fname)value('Ram's');
This form is called SQL injection. Already (Magic_Quates_GPC)= On otherwise go to PHP ini setting GPC means G for GET, P for POST, and C for COOKIES.
Syntax

addslashes($string_data)

Example

php

$x="ram's"."
"."
";

echo addslashes($x);

php

$str = "Who's vinod?"."
"."
";

echo $str . " This is not safe in a database query.
"."
";

echo addslashes($str) . " This is safe in a database query.";

Output

The stripslashes() function is used to remove backslashes from data. One use of this function is to display data that addslashes() has been applied to. What this means is that stripslashes() would change:

I\'m very Powerful

into:

I'm very powerful

Using stripslashes() after mysql_real_escape_string

Syntax

stripslashes(string)

Note This function can be used to clean up data retrieved from a database or from an HTML form.

I have been reading most recently about prevention of SQL injection and I am trying to develop some sense of understanding among the various functions so that I can learn the basics.

I have read about mysql_real_escape_string and I understand that it is basically escaping characters which it deems "special" so that it is not confused for SQL syntax?

Example

php

$said = 'Who said \"Live long and prosper\"?'."
"."
";

;

print stripslashes($said);

php

echo stripslashes("Who\'s Sharad?");

Use of Addslashes and Stripslashes Function in PHP

ntroduction
The addslashes() function is used to add backslashes [\] to data submitted from your forms. This keeps the input MySQL (and other coding languages) friendly. What this means is that addslashes() would change:
I'm Vinod
to:
I\'m Vinod
This function controls SQL injection; in other words you pass a special character, for example:
Addslashes function in php.jpg

addslashes($string_data)

Example

php

$x="ram's"."
"."
";

echo addslashes($x);

php

$str = "Who's vinod?"."
"."
";

echo $str . " This is not safe in a database query.
"."
";

echo addslashes($str) . " This is safe in a database query.";

Output

I\'m very Powerful

into:

I'm very powerful

Using stripslashes() after mysql_real_escape_string

Syntax

stripslashes(string)

Note This function can be used to clean up data retrieved from a database or from an HTML form.

I have been reading most recently about prevention of SQL injection and I am trying to develop some sense of understanding among the various functions so that I can learn the basics.

I have read about mysql_real_escape_string and I understand that it is basically escaping characters which it deems "special" so that it is not confused for SQL syntax?

Example

php

$said = 'Who said \"Live long and prosper\"?'."
"."
";

;

print stripslashes($said);

php

echo stripslashes("Who\'s Sharad?");

Creating a Random String in PHP

Introduction
You can create a random string in PHP using the PHP built-in rand function. It might be for a complex password, a verification code, or something for developing. Basically it is used when you want to save time, in other words saving your manual process time, nothing more. In the following I present a simple way to create a random string in PHP step-by-step.

Step 1

Create a PHP rand_string function
First, you can create a PHP function with one (1) parameter specifying the length.

function rand_string ($length){...body}

It is used to generate a random string.

Step 2

Take a Variable
After that you can use a string variable with the name of char.

$char="ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz@#$&*";

It contains a collection of various types of strings. When a function generates a random string, all of the characters are fetched from it.

Step 3
We will refer to parts of this String using a random generator. Once we generate a random integer index, we add the corresponding character â€“ the character at that index â€“ to a finished String. This can be completed using a loop:

$size = strlen( $chars );
for( $i = 0; $i < $length; $i++ ) {
$str= $chars[ rand( 0, $size - 1 ) ];
echo $str;
}

Step 4
Call rand_string() function.rand_string( 5 );

Example
php

function rand_string( $length ) {

$chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz@#$&*";

$size = strlen( $chars );

echo "Random string =";

for( $i = 0; $i < $length; $i++ ) {

$str= $chars[ rand( 0, $size - 1 ) ];

echo $str;

}

rand_string( 5 );

Saturday, January 5, 2013

Admin Panel in PHP

SQL Limit in PHP

Introduction

PHP has an operator named LIMIT. Using the LIMIT operator you can fetch a minimum and maximum row from a database. In this article you will see, how to execute the LIMIT operator of MySQL in PHP.

Suppose that there are ten rows in a table of any database in MySQL. You want to fetch only five rows from your database; then you will use the LIMIT operator.

Suppose there is the above table in your database. You want to fetch only five rows from this table. For this purpose you will use the LIMIT operator. An example of the LIMIT operator is as follows:
Example 1. If you want to see only five rows from a table in MySQL then you will use the following query:
select * from emp limit 5
Output

Example 2. If you want to see only five rows from a table in PHP form, then you will use following code.
In this example, we have created a limit.php page, in which we execute a query with the LIMIT operator. In the LIMIT operator we put minimum and maximum limit of the table data. For example, the LIMIT 0,5 retrieves the row starting from row number 0 (the first one) to a maximum of 5 rows. Code

<title>Limit in PHP</title>
<body bgcolor="pink">< h3><u>SQL Limit in PHP<u></h3>
<center> $con = mysql_connect("localhost","root","");
if (!$con) {
die( 'Could not connect: ' . mysql_error());
} mysql_select_db ("sunderdeep", $con); // sunderdeep is a database name $result = mysql_query ("select * from emp limit 0,5"); // emp is the table name in database echo "

"

emp_id	emp_Name

;
while ($row = mysql_fetch_array ($result)) {
echo " " ;
echo "" . $row ['emp_id'] . "

";
echo "" . $row ['emp_name'] . "";
echo "";
}echo "";

mysql_close ($con);?></center>
</body>

The above file is saved with the name limit.php.

Output

When you browse your limit.php file then you will get the following output:

Conclusion

So in this article you saw, how to execute the LIMIT operator of MySQL in PHP. Using this article one can easily understand how to execute the LIMIT operator of MySQL in PHP.

Delete Statement in PHP

In the last article I explained how to update and select data from a MySql database into a HTML table. In this article I will explain how to delete data in the database through HTML table. In this article you will see, data deleted from the front end i.e. HTML table.
Code
$con=mysql_connect ("localhost","root","");
mysql_select_db ("mcn",$con);
@$a=$_POST['txt1'];
@$b=$_POST['txt2'];
@$c=$_POST['txt3'];
@$d=$_POST['txt4'];if(@$_POST ['del'])
{
$s="delete from employee where name='$a'";echo "Your Data Deleted";
mysql_query ($s);
}
$con=mysql_connect ("localhost","root","");
mysql_select_db ("mcn",$con);if(@$_POST ['sel'])
{echo $ins=mysql_query ("select * from employee");echo "







   "

Select Data From Employee Table
Nmae	Designation	Sal	Qualification

;
   while ($row=mysql_fetch_array($ins))
   {
   echo " " ;
   echo "".$row ['Name']."

";
   echo "". $row ['Designation']. "";
   echo "". $row ['Sal']."";
   echo "".$row ['Qualification']."";
   echo "";
   }
   }
echo ""
?><html>
<head>
</head>
<body bgcolor="pink">< center>
<table bgcolor="skyblue" border="2">< form method="post">< tr>
<td colspan=2 align="center">Employee Table</td></ tr>
<td>Name</td><td><input type="text" name="txt1"></td></ tr>
<tr>
<td>Designation</td><td><input type="text" name="txt2"></td></ tr>
<tr>
<td>Sal</td><td><input type="text" name="txt3"></td></ tr>
<tr>
<td>Qualification</td><td><input type="text" name="txt4"></td></ tr>
<tr>
<td><input type="submit" name="del" value="Delete"></td>< td><input type="submit" name="sel" value="Select"></td></ tr>
</form>
</table>
</center>
</body></ html Output
First of all you will select data from the database using the select button. When you will click on the select button then you will see the data table displayed on your web page. Like as in the following image.

Suppose you want to delete Brajesh Kumar from your database. For this purpose you will fill in the name of the employee in the employee table, then click on the delete button. You can see in the following image.

When you will click on the delete button then display a message on your webpage i.e. "Your Data Deleted".

Now you will click on the select button for the selected data from the database. When you click on the select button then display data table on your web page. In this table you will see Brajesh kumar employee not exist. You can see in the following image.

Conclusion
So in this article you saw how to delete data from a database in a HTML table (front end). Using this article one can easily understand how to delete data from a database.

Update Statement in PHP

In the previous article you saw how to insert and select data from a database to a HTML table. In this article you will see how to update data in a database through HTML table. Using the update statement you can update data in your database.
Code
$con=mysql_connect ("localhost","root","");
mysql_select_db ("mcn",$con);
@$a=$_POST['txt1'];
@$b=$_POST['txt2'];
@$c=$_POST['txt3'];
@$d=$_POST['txt4'];if(@$_POST ['up'])
{
$s="update employee set Designation='$b',Sal='$c',Qualification='$d' where Name='$a'";echo "Your Data Updated.";
mysql_query( $s);
}
$con=mysql_connect ("localhost","root","");
mysql_select_db("mcn",$con);if(@$_POST ['sel'])
{echo $ins=mysql_query ("select * from employee");echo "







   "

Select Data From Employee Table
Nmae	Designation	Sal	Qualification

;
   while ($row=mysql_fetch_array($ins))
   {
   echo " " ;
   echo "".$row ['Name']."

";
   echo "". $row ['Designation']. "";
   echo "". $row ['Sal']."";
   echo "".$row ['Qualification']."";
   echo "";
   }
   }
echo ""
?><html>
<head>
</head>
<body bgcolor="pink"><center>
<table bgcolor="skyblue" border="2"><form method="post"><tr>
<td colspan=2 align="center">Employee Table</td></tr>
<td>Name</td><td><input type="text" name="txt1"></td></tr>
<tr>
<td>Designation</td><td><input type="text" name="txt2"></td></tr>
<tr>
<td>Sal</td><td><input type="text" name="txt3"></td></tr>
<tr>
<td>Qualification</td><td><input type="text" name="txt4"></td></tr>
<tr>
<td><input type="submit" name="up" value="Update"></td><td><input type="submit" name="sel" value="Select"></td></tr>
</form>
</table>
</center>
</body></html Output
First of all we select a table from the database like as in the following image. In the following table we will change the field of Manish Tewatia.

In the employee table we will fill the column for Manish Tewatia such as in the following image.

In the above table we filled designation, sal, qualification of Manish Tewatia. When you will click on the update button then your data will be updated.

When you select a table from your database then you will get the update data of Manish Tewatia. Like as in the following image.

In the above table you will see, the designation, sal, qualification changed of Manish Tewatia.
Conclusion
So in this article you saw how to update data in the database. Using this article one can easily understand update statement in PHP.

Pages

Monday, January 7, 2013

Saturday, January 5, 2013