php - Does not work markers in prepeared statments -

-

this question has answer here:

$dbh = new pdo('mysql:host=' . $_post['db_host'], $_post['db_user'], $_post['db_user_password']); $sql = 'create database :db_name'; $sth = $dbh->prepare($sql); $sth->bindparam(':db_name', $_post['db_name']); var_dump($sth->execute());

it's allways show false. if directly specify db_name, this:

$sql = 'create database database'; $sth = $dbh->prepare($sql); $sth->execute();

it work. i'm doing wrong?

you can bind data (column values) in parametrized query, not column name , table name. also, in code tried parametrize connection initialization think not correct.

you can alternatively depend on white list of db names:

 $databases = array('dbone', 'dbtwo');

then check 

 if(in_array($_post['db_name'], $databases) ){    $dbname = $_post['db_name'];  }

Comments

Post a Comment

Popular posts from this blog

html5 - What is breaking my page when printing? -

-
Image
i have questioner , don't know why when printing it's creating break before first question. live demo (link) i able resolve issue removing fieldset container had wrapped in.. having fieldset element causing of fields grouped together, , since not fit on first page, being pushed second page. removing fieldset element, able firefox print first 2 questions on page 1 identically chrome. it seems not new problem firefox , fieldset not playing nice found old bugzilla ticket 2008 has persisted , still being commented on in 2014 (link) if retaining fieldset important, found solution else came here (link) <script type='text/javascript'> $(window).bind('beforeprint', function(){ $('fieldset').each( function(item) { $(this).replacewith($('<div class="fieldset">' + this.innerhtml + '</div>')); } ) }); $(window).bind(
Read more

html - Unable to style the color of bullets in a list -

-
i'm trying change colour of list points it's not working? <div class="mobile-menu" id="mobile-menu"> <div id="mobile-menu-links"> <h4>general:</h4> <ul class="mobile-menu-links"> <li><a href="">news</a></li> <li><a href="">the boring rules!</a></li> <li><a href="">the rankings</a></li> </ul> .mobile-menu #mobile-menu-links ul{ list-style-type: none; margin:0; padding-left:3%; } .mobile-menu #mobile-menu-links ul li{ padding-bottom:2px; border-bottom:1px solid #bababa; } if add color:red in either of 2 css declarations, doesn't change colour. please note html closed in document, copi
Read more

c# - must be a non-abstract type with a public parameterless constructor in redis -

-
when save object, got below error must non-abstract type public parameterless constructor in order use parameter 't' in generic type or method 'servicestack.redis.redisclient.store<t>(t) redisclass.getinstnace().store(msg); // error here redisclass.getinstnace().save(); as third party's class, can not edit how save object? could create wrapper around third party object call constructor, store wrapper? e.g. public class mywrapper { public thirdpartyobject thirdpartyinstance { get; set; } public mywrapper() { thirdpartyinstance = new thirdpartyobject("constructors"); } }
Read more