How do i use a php cookie in an SQL select query
Question
good day, i have an html form which takes user input and stores it in a cookie so i want to know how can i use that cookie in an SQL select query for instance like " SELECT prescription FROM medications WHERE prescription LIKE '%$prescription%'"; and instead of that prescription variable i use the cookie value.
here is how i created the cookies
<?php
if (isset($_POST['searchdisease'], $_POST['prescription'])) {
setcookie('searchdisease', $_POST['searchdisease']);
setcookie('prescription', $_POST['prescription']);
}
?>
HTML
<form method="POST">
<fieldset>
<legend>INVOICE SUMMARY</legend>
<input id="nol" type="text" style="width: 280px;" name="searchdisease" placeholder="Type a disease keyword">
<input id="nol" type="text" style="width: 280px;" name="prescription" placeholder="Type a medication/procedure/service keyword">
<button id="nol" class="SearchButton1" type="submit" name="submit" style="width: 100px; background-color:green; color: white;">SEARCH</button>
</fieldset>
</form>
1 answers
solution1
0 ACCPTED 2017-02-09 19:44:57
$_COOKIE['prescription'] , but PLEASE read up on mysql injections and how to prevent them using prepared statements. Or at least add some other form of cleaning the value. Otherwise, you will open your application up to hacking because cookie contents can be tampered with using browser dev tools.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.