13 MANAGING CONTENT
What this chapter covers:
- Preventing SQL injection attacks
- Inserting, updating, and deleting database records
- Using prepared statements with MySQLI and PDO
Although you can use phpMyAdmin for a lot of database administration, there are some things for which it's out of the question. The last thing you want is to give outsiders the freedom to poke around your database, adding and deleting vital records at will. You need to build your own forms and create customized content management systems.
At the heart of every content management system lie just four SQL commands: SELECT
, INSERT
, UPDATE
, and DELETE
. All four commands either rely on or can accept user input. So you need to make sure that any input doesn't expose your data ...
Get PHP Solutions: Dynamic Web Design Made Easy now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.