Two conditions after conditions

I have a request that doesn't work

$lokesh = "select * from license_info where mac_id='$mac_id' and admin_user_name='$admin'";

      

In the previous request I select the entry where mac_id and admin_user_name are mapped.

But when I repeat this SQL query, it prints output like:

select * from license_info where mac_id='0800279020F2' and admin_user_name='sanjay
'

      

The last single quote is printed on the line below, so I cannot extract the entry. What is the reason for printing the single quote on the line below?

+3




2 answers


The reason is that your variable $admin contains a newline at the end. Delete it and there will be no problem with it.



You do, however, have a possible SQL injection attack. Use parameters, not built-in values.

+4
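The newline fix and the parameter advice from the answer above, combined in one script. This is an added example, not code from the original post; it assumes PHP with the pdo_sqlite extension, and the in-memory table, its second row and the findLicense() helper are constructed for illustration.

```php
<?php
// Added example: table layout and rows are constructed sample data.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE license_info (mac_id TEXT, admin_user_name TEXT)');
$pdo->exec("INSERT INTO license_info VALUES ('0800279020F2', 'sanjay')");
$pdo->exec("INSERT INTO license_info VALUES ('0800279020F3', 'o''brien')");

/**
 * Hypothetical helper: look up a licence row with bound parameters.
 * The values travel separately from the SQL text, so a quote or a
 * newline in the input is compared as data and never parsed as SQL.
 */
function findLicense(PDO $pdo, string $macId, string $admin): array
{
    $stmt = $pdo->prepare(
        'SELECT * FROM license_info
          WHERE mac_id = :mac_id AND admin_user_name = :admin'
    );
    $stmt->execute([':mac_id' => $macId, ':admin' => $admin]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Input as it might arrive from fgets(), a file line or a textarea.
$mac_id = '0800279020F2';
$admin  = "sanjay\n";

// 1. The symptom from the question: the trailing newline is part of
//    the compared value, so the stored name 'sanjay' does not match.
echo 'rows with raw input: ', count(findLicense($pdo, $mac_id, $admin)), "\n";

// 2. Make the hidden character visible while debugging: the length is
//    one byte longer than the visible name and the hex dump ends in 0a.
echo 'length: ', strlen($admin), ' hex: ', bin2hex($admin), "\n";

// 3. Strip surrounding whitespace once, at the point the input is read.
$admin = trim($admin);
echo 'rows after trim(): ', count(findLicense($pdo, $mac_id, $admin)), "\n";

// 4. A name containing a single quote needs no escaping when it is bound.
echo 'rows for quoted name: ',
    count(findLicense($pdo, '0800279020F3', "o'brien")), "\n";
```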




Delete the br or new line feed tag and execute it, and use validation:

$admin=htmlspecialchars($admin); 

      

htmlspecialchars() to avoid SQL injection



or use htmlentities

$admin=htmlentities($admin);

      

0








