Ejemplo 2. Procedural style
<?php $link = maxdb_connect("localhost", "MONA", "RED", "DEMODB");
/* check connection */ if (maxdb_connect_errno()) { printf("Connect failed: %s\n", maxdb_connect_error()); exit(); }
maxdb_query($link, "CREATE TABLE temp.mycity LIKE hotel.city");
$city = "'s Hertogenbosch";
/* this query will fail, cause we didn't escape $city */ if (!maxdb_query($link, "INSERT into temp.mycity VALUES ('11111','$city','NY')")) { printf("Error: %s\n", maxdb_sqlstate($link)); }
$city = maxdb_real_escape_string($link, $city);
/* this query with escaped $city will work */ if (maxdb_query($link, "INSERT into temp.mycity VALUES ('22222','$city','NY')")) { printf("%d Row inserted.\n", maxdb_affected_rows($link)); }
maxdb_close($link); ?>
|
|