Hello all,
Does anyone know how I could use mysql_real_escape_string with the server side script for my WHERE clause? I've posted a screenshot of what I've tried and you can also see the line I tried (which I commented out). Basically, I'm just trying to prevent SQL injection.
Thank you for your help!
require( 'ssp.class.php' );
//$search = mysql_real_escape_string($_POST['search']);
$search = $_POST['search'];
echo json_encode(
SSP::complex( $_GET, $sql_details, $table, $primaryKey, $columns, null, "personaName = '$search'" )
);