Inputs not being sanitised with PDO?
Im trying to input data into my table, and it's all working correctly only I can insert symbols etc such as "//<@£$^" Can anybody tell me what im doing wrong?
<?php
// configuration
$dbhost = "localhost";
$dbname = "_co_uk";
$dbuser = access@.c;
$dbpass = "access";
// database connection
$conn = new PDO("mysql:host=$dbhost;dbname=$dbname",$dbuser,$dbpass);
// new data
$email_address = $_POST["field"];
// query
$sql = "INSERT INTO user_signups (email_address) VALUES (:email_address)";
$q = $conn->prepare($sql);
$q->execute(array(':email_address'=>$email_address));
?>
Im trying to input data into my table, and it's all working correctly only I can insert symbols etc such as "//<@£$^" Can anybody tell me what im doing wrong?
<?php
// configuration
$dbhost = "localhost";
$dbname = "_co_uk";
$dbuser = access@.c;
$dbpass = "access";
// database connection
$conn = new PDO("mysql:host=$dbhost;dbname=$dbname",$dbuser,$dbpass);
// new data
$email_address = $_POST["field"];
// query
$sql = "INSERT INTO user_signups (email_address) VALUES (:email_address)";
$q = $conn->prepare($sql);
$q->execute(array(':email_address'=>$email_address));
?>
No comments:
Post a Comment