This is how i store data in mysql via php form. I know its security risk.
Examples - $price = $_POST'price'];
OR
$price = array_key_exists('price', $_POST) ? $_POST'price'] : "";
and sql query is -
$insertqry = qa_db_query_sub("INSERT INTO test_table (title, price) VALUES ('$title','$price')");
How should i post data in latest php 7 and above version ?
I think escape string is deprecated or outdated.
Thanks for your help ! |