我如何在 SQL 选择查询中使用 php cookie
[英]How do i use a php cookie in an SQL select query
问题描述
good day, i have an html form which takes user input and stores it in a cookie so i want to know how can i use that cookie in an SQL select query for instance like " SELECT prescription FROM medications WHERE prescription LIKE '%$prescription%'";
美好的一天,我有一个 html 表单,它接受用户输入并将其存储在 cookie 中,所以我想知道如何在 SQL 选择查询中使用该 cookie,例如" SELECT prescription FROM medications WHERE prescription LIKE '%$prescription%'"; and instead of that prescription variable i use the cookie value.而不是那个处方变量,我使用cookie值。
here is how i created the cookies这是我创建 cookie 的方法
<?php
if (isset($_POST['searchdisease'], $_POST['prescription'])) {
setcookie('searchdisease', $_POST['searchdisease']);
setcookie('prescription', $_POST['prescription']);
}
?>
HTML HTML
<form method="POST">
<fieldset>
<legend>INVOICE SUMMARY</legend>
<input id="nol" type="text" style="width: 280px;" name="searchdisease" placeholder="Type a disease keyword">
<input id="nol" type="text" style="width: 280px;" name="prescription" placeholder="Type a medication/procedure/service keyword">
<button id="nol" class="SearchButton1" type="submit" name="submit" style="width: 100px; background-color:green; color: white;">SEARCH</button>
</fieldset>
</form>
1 个解决方案
解决方案1
0 已采纳 2017-02-09 19:44:57
$_COOKIE['prescription'] , but PLEASE read up on mysql injections and how to prevent them using prepared statements. $_COOKIE['prescription'] ,但请阅读 mysql 注入以及如何使用准备好的语句防止它们。 Or at least add some other form of cleaning the value.或者至少添加一些其他形式的清理值。 Otherwise, you will open your application up to hacking because cookie contents can be tampered with using browser dev tools.否则,您将打开您的应用程序,因为可以使用浏览器开发工具篡改 cookie 内容。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.