1. Dynamically check the data going into a query statement: is_numeric(), is_array(), is_bool(), is_double(), is_string(), is_object(), is_integer(), is_null() check whether the data has the expected format.
2. Convert the data into the specified format with settype(): settype($variable, "boolean" | "integer" | "float" | "string" | "array" | "object" | "null");
3. sprintf() replaces each percent-sign (%) placeholder in the string with a variable passed as a parameter, formatted as the specified data type: sprintf("There are %u million cars in %s.", $number, $str)
Format: %b binary; %s string; %o octal; %c ASCII character; %% returns a percent sign. An additional format value must be placed between % and the letter (such as %.2f).
Use of a numbered placeholder (inside double quotes the $ must be escaped as \$): sprintf("With two decimal places: %1\$.2f
Without decimals: %1\$u", $number);
4. Add backslashes: addslashes()
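The four steps above combined in one function, as an added example that is not from the original article. The function name build_car_query, the cars table and its columns, and the sample inputs are constructed for illustration.

```php
<?php
// Added example: steps 1-4 applied to untrusted values before they reach a query.
// build_car_query, the "cars" table and the sample inputs are hypothetical.

function build_car_query($rawId, $rawCountry): string
{
    // Step 1: check that each value has the expected format.
    if (!is_numeric($rawId) || !is_string($rawCountry)) {
        throw new InvalidArgumentException('unexpected input format');
    }

    // Step 2: force the id to an integer. settype() takes the variable
    // first (by reference) and the type name second.
    $id = $rawId;
    settype($id, 'integer');

    // %u prints a negative integer as a huge unsigned number, so reject it here.
    if ($id < 0) {
        throw new InvalidArgumentException('id must not be negative');
    }

    // Step 4: put a backslash before quotes, backslashes and NUL bytes.
    $country = addslashes($rawCountry);

    // Step 3: %u formats the id as an unsigned integer, %s as a string.
    return sprintf("SELECT * FROM cars WHERE id = %u AND country = '%s'", $id, $country);
}

// Constructed sample inputs: one valid pair and three that must not pass unchanged.
$samples = [
    ['42', "O'Reilly"],      // quote in the string value gets escaped
    ['42 OR 1=1', 'DE'],     // not numeric: rejected in step 1
    ['-1', 'DE'],            // numeric but negative: rejected after step 2
    [['42'], 'DE'],          // array instead of a scalar: rejected in step 1
];

foreach ($samples as [$id, $country]) {
    try {
        echo build_car_query($id, $country), "\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```

addslashes() is not character-set aware; the PHP manual recommends database-specific escaping functions or prepared statements for values that reach a query.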