Functions for preventing both SQL and XSS injection attacks
<?phpfunction mysql_entities_fix_string($string){return htmlentities(mysql_fix_string($string));}function mysql_fix_string($string){if (get_magic_quotes_gpc()) $string = stripslashes($string);return mysql_real_escape_string($string);}?>
Once you have prepared a statement, until you deallocate it, you can use it as often as you wish. Such statements are commonly used within a loop to quickly insert data into a database by assigning values to the MySQL variables and then executing the state-ment. This approach is more efficient than creating the entire statement from scratch on each pass through the loop.
<?phprequire 'login.php';$db_server = mysql_connect($db_hostname, $db_username, $db_password);if (!$db_server) die("Unable to connect to MySQL: " . mysql_error());mysql_select_db($db_database)or die("Unable to select database: " . mysql_error());$query = 'PREPARE statement FROM "INSERT INTO classicsVALUES(?,?,?,?,?)"';mysql_query($query);$query = 'SET @author = "Emily Brontë",' .'@title = "Wuthering Heights",' .'@category = "Classic Fiction",' .'@year = "1847",' .'@isbn = "9780553212587"';mysql_query($query);$query = 'EXECUTE statement USING @author,@title,@category,@year,@isbn';mysql_query($query);$query = 'DEALLOCATE PREPARE statement';mysql_query($query);?>
The get_magic_quotes_gpc function returns TRUE if magic quotes are active. In that case,any slashes that have been added to a string have to be removed or the function mysql_real_eascape_string could end up double-escaping some characters, creating corrupted strings.
<?phpfunction mysql_fix_string($string){if (get_magic_quotes_gpc()) $string = stripslashes($string);return mysql_real_escape_string($string);}?>
I have developed many sites with PHP with WAMP Server.So I thought I had some experience in WAMP.But after installing new WAMP Server I doubt about that.Because it was always offline.WAMP icon shows yellow it means some working but not all.Actually I could use MySQL but not PHP.I tried MySQL by left click Wamp icon->MySQL –>MySQL console it works.I search many blogs and most of says it might be due to Skype or IIS server but I didn’t have installed IIS and I checked by uninstalling Skype,still I got offline color.
Then I tried to stop some other related services in Control Panel\All Control Panel Items\Administrative Tools\Services or you can get that window by right click MyComputer icon –>manage->Services and Application->Services if you are an administrator of that machine you can start or stop services on that list.But it doesn’t work for me.
I searched it again.Then I found one video with editing some code but it’s boring and so long to edit so I kept that away.after I found a article how to do that simply.just go to WAMP icon & left click->apache->services->test port 80 then I found “your port 80 is actually used by server microsoft-httpapi 2.0” so I found at last it was taken by some other process.So I did change the port no 80 to 81 it works for me.you can edit that one from editing httpd.conf in WAMP icon & left click->apache->httpd.conf search listen 80 and edit that to 81.
. But I’m back Now 
.<html>
<body>
<div>
<?php include("header.php"); ?>
</div>
<div>
<?php include("body.php"); ?>
</div>
<div>
<?php include("footer.php"); ?>
</div>
</body>
</html>
