This page demonstrates a stored procedure + secure PHP coding practices.
spGetActiveAttendees| attendeeId | First Name | Last Name | Genre | isActive | |
|---|---|---|---|---|---|
| 1 | Ava | Clark | ava@mail.com | R&B | 1 |
| 2 | Josh | King | josh@mail.com | Hip-hop | 1 |
| 4 | Leo | Martinez | leo@mail.com | Jazz | 1 |
mysqli_real_escape_string:
Unsafe: Ava 'DROP TABLE attendee;'
Safe: Ava \'DROP TABLE attendee;\'
urlencode / urldecode:
Encoded: Ava+Clark+%2F+R%26B
Decoded: Ava Clark / R&B
htmlentities: used in table output above.
Upload a screenshot of your stored procedure from phpMyAdmin here: