Essential PHP Security Book Cover
Essential PHP Security by Chris Shiflett
About | Contents | Buy Now | Reviews | Errata | Code
  1. Foreword
  2. Preface
  1. Introduction
  2. Forms and URLs
          ch02.pdf
  3. Databases and SQL
  4. Sessions and Cookies
          ch04.pdf
  5. Includes
  6. Files and Commands
  7. Authentication and Authorization
  8. Shared Hosting
  1. Configuration Directives
  2. Functions
  3. Cryptography
  4. Index

Escape Output

(Chapter 1, Introduction - Pg 13-14)

< Back to Code Repository

<?php

$html = array();

$html['username'] = htmlentities($clean['username'],
                    ENT_QUOTES'UTF-8');

echo "<p>Welcome back, {$html['username']}.</p>";

$mysql = array();

$mysql['username'] = mysql_real_escape_string($clean['username']);

$sql "SELECT *
        FROM   profile
        WHERE  username = '{$mysql['username']}'";

$result mysql_query($sql);

?>