Functions for preventing both SQL and XSS injection attacks
<?phpfunction mysql_entities_fix_string($string){return htmlentities(mysql_fix_string($string));}function mysql_fix_string($string){if (get_magic_quotes_gpc()) $string = stripslashes($string);return mysql_real_escape_string($string);}?>
Once you have prepared a statement, until you deallocate it, you can use it as often as you wish. Such statements are commonly used within a loop to quickly insert data into a database by assigning values to the MySQL variables and then executing the state-ment. This approach is more efficient than creating the entire statement from scratch on each pass through the loop.
<?phprequire 'login.php';$db_server = mysql_connect($db_hostname, $db_username, $db_password);if (!$db_server) die("Unable to connect to MySQL: " . mysql_error());mysql_select_db($db_database)or die("Unable to select database: " . mysql_error());$query = 'PREPARE statement FROM "INSERT INTO classicsVALUES(?,?,?,?,?)"';mysql_query($query);$query = 'SET @author = "Emily Brontë",' .'@title = "Wuthering Heights",' .'@category = "Classic Fiction",' .'@year = "1847",' .'@isbn = "9780553212587"';mysql_query($query);$query = 'EXECUTE statement USING @author,@title,@category,@year,@isbn';mysql_query($query);$query = 'DEALLOCATE PREPARE statement';mysql_query($query);?>
The get_magic_quotes_gpc function returns TRUE if magic quotes are active. In that case,any slashes that have been added to a string have to be removed or the function mysql_real_eascape_string could end up double-escaping some characters, creating corrupted strings.
<?phpfunction mysql_fix_string($string){if (get_magic_quotes_gpc()) $string = stripslashes($string);return mysql_real_escape_string($string);}?>
I have developed many sites with PHP with WAMP Server.So I thought I had some experience in WAMP.But after installing new WAMP Server I doubt about that.Because it was always offline.WAMP icon shows yellow it means some working but not all.Actually I could use MySQL but not PHP.I tried MySQL by left click Wamp icon->MySQL –>MySQL console it works.I search many blogs and most of says it might be due to Skype or IIS server but I didn’t have installed IIS and I checked by uninstalling Skype,still I got offline color.
Then I tried to stop some other related services in Control Panel\All Control Panel Items\Administrative Tools\Services or you can get that window by right click MyComputer icon –>manage->Services and Application->Services if you are an administrator of that machine you can start or stop services on that list.But it doesn’t work for me.
I searched it again.Then I found one video with editing some code but it’s boring and so long to edit so I kept that away.after I found a article how to do that simply.just go to WAMP icon & left click->apache->services->test port 80 then I found “your port 80 is actually used by server microsoft-httpapi 2.0” so I found at last it was taken by some other process.So I did change the port no 80 to 81 it works for me.you can edit that one from editing httpd.conf in WAMP icon & left click->apache->httpd.conf search listen 80 and edit that to 81.
. But I’m back Now 
.<html>
<body>
<div>
<?php include("header.php"); ?>
</div>
<div>
<?php include("body.php"); ?>
</div>
<div>
<?php include("footer.php"); ?>
</div>
</body>
</html>
A session is a logical object created by the PHP engine to allow you to preserve data across subsequent HTTP requests.
There is only one session object available to your PHP scripts at any time. Data saved to the session by a script can be retrieved by the same script or another script when requested from the same visitor.
Sessions are commonly used to store temporary data to allow multiple PHP pages to offer a complete functional transaction for the same visitor.
PHP is a scripting language which originally was stood for Personal Home Page by Rasmus Lerdorf(1994)
after modifications by Andi Gutmans and Zeev Suraski(1997)
it changed to PHP: hypertext preprocessor.It is free software .
