Tutorial on how to prevent mysql injection using mysql function and php script from beginning to advance no PDO

Oh have seen your mistake

Like I told you earlier, if you’re going to take a lot of time, save your time and again, thank you.

according to your statement… you only select into a variable and it return no row.

you need this

Begin
Declare Varret Int(255);
Select admndwlk Into Varret from tablename where id = idss;
return Varret;
end;

You need to return if you are using function

but if is procedure you need this

Begin
Declare Varret Int(255);
Select admndwlk Into Varret from tablename where id = idss;
Select Varret;
end;

1 Like

You select the variable if you are using procedure

but you return a variable if you are using function

But as I told you earlier, this problem arises when I use procdure, not funnction.
And for the record, this sentence works in function normally.
But what made me hate function when I ask for example id, usernaem from within row I can’t do RETURN except id for example
I mean I couldn’t get the id and the username back together unfortunately

RETURN It’s only allowed in function.

I understand…

You are doing it wrong…

just calm the script has no issue…

according to the error you sent it means no row was return from your statement.

now when i looked into your statement you are not out putting anything out you need to select the variable.

you know in function you use Return but in procedure you will use Select

You need to select it not return

1 Like

yes, when I did what you say and went to write RETURN in the procdure, I got an error message telling me return can only be used in function.

Use Select not Return

1 Like

Is here now… Select the variable not return

Yes, after using SELECT, the code has worked :tada::tada:

you can mark one of my reply has solution… happy coding… you just need to understand mysql very well… the script is okay no issue.

bye for now :slight_smile:

1 Like

I really wanted to do something for you this solution was less the least I could have done for you to help me but unfortunately you created the post so do not show me the sign of solution here you are the only one who can make a solution mark

If that’s not going to bother you, please wipe the solution mark.
Because this post will close in 30 days, and no one if they need help can write their problem here.

I did it like you said, but still when I get in +1, two are added.

send me your code privately… let me check.

1 Like

You may also want to try this library for running MYSQL in a simple way. only for web developer.
MYSQL LIBRARY

I see I missed some things. Please don’t use all caps. That is like shouting and we don’t shout here. Please change that.

Brand new version…

OSQL - Mysql freedom is here, injection stop and bind parameter available - Guides / Resources - Kodular Community