Protection against SQLi? mysqli_fetch_assoc()

Hi, I started building something and I see that this is vulnerable to SQLi; how do I fix it?
When I type project.php?id= it throws
Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\WEB\project.php on line 10
The same happens when I add " ’ ", or any letter.

<?php include('/includes/config.php'); ?>
<html>
<body>
<?php
if (isset($_GET["id"])) {
    $id = $_GET["id"];
    $query  = "SELECT * FROM projects WHERE id =".mysql_real_escape_string($id)." LIMIT 1";
    $result = mysqli_query($conn,$query);

    while ($row = mysqli_fetch_assoc($result)){
        echo $row["id"];
        echo $row["title"];
    }   
} else {
    echo 'Undefined ID!';
}
?>
</body>
</html>

Try this and see whether it returns anything.

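<?php
// Continue only when id is present, non-empty and numeric
if (isset($_GET["id"]) && !empty($_GET['id']) && is_numeric($_GET['id'])) {
    // Cast to int so only a number can reach the query
    $id = (int) $_GET["id"];
    // mysqli_real_escape_string() takes the mysqli connection as its first argument;
    // mysql_real_escape_string() belongs to the old mysql extension and does not use $conn
    $query  = "SELECT * FROM `projects` WHERE `id` = '".mysqli_real_escape_string($conn, $id)."' LIMIT 1";

    // Show the final query text for inspection
    var_dump($query);
    /*
    $result = mysqli_query($conn,$query);

    while ($row = mysqli_fetch_assoc($result)){
        echo $row["id"];
        echo $row["title"];
    }
    */
} else {
    echo 'Undefined ID!';
}
?>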

It returns nothing, so it works, thanks.
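
Added example, not from any post in this thread: the same lookup with the id validated first and then passed as a bound parameter instead of being concatenated into the SQL string. It assumes `$conn` is the mysqli connection created in includes/config.php and that `projects` has `id` and `title` columns as in the posted code; the helper names `parse_project_id` and `find_project` are hypothetical.

```php
<?php
// Added example. Assumes includes/config.php defines $conn (a mysqli
// connection) and that `projects` has `id` and `title` columns.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // failed queries throw instead of returning false

// Accept only a positive integer; "", "'", "abc" and "1 OR 1=1" all give null.
function parse_project_id($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// The id is bound as a parameter, so it never becomes part of the SQL text.
function find_project(mysqli $conn, int $id): ?array
{
    $stmt = $conn->prepare('SELECT `id`, `title` FROM `projects` WHERE `id` = ? LIMIT 1');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $stmt->bind_result($rowId, $title);
    $row = $stmt->fetch() ? ['id' => $rowId, 'title' => $title] : null;
    $stmt->close();
    return $row;
}

require __DIR__ . '/includes/config.php';

$id = parse_project_id($_GET['id'] ?? null);
if ($id === null) {
    http_response_code(400);
    exit('Undefined ID!');
}

try {
    $project = find_project($conn, $id);
} catch (mysqli_sql_exception $e) {
    error_log($e->getMessage()); // details go to the server log, not to the visitor
    http_response_code(500);
    exit('Database error.');
}

if ($project === null) {
    http_response_code(404);
    echo 'Project not found.';
} else {
    // Escape on output so a stored title cannot inject markup into the page.
    echo htmlspecialchars((string) $project['id'], ENT_QUOTES, 'UTF-8'), ' ';
    echo htmlspecialchars($project['title'], ENT_QUOTES, 'UTF-8');
}
```

With exceptions enabled, a failed query can no longer hand `false` to a fetch call, which is what produced the "boolean given" warning in the first post.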