mysql_real_escape_string() gunanya buat nambahin backslash pd karakter \x00, \n, \r, \, ', " dan \x1a
contoh :
<?php
// Minimal demo of mysql_real_escape_string(): the connection has to be opened
// first, because the function escapes according to the connection's charset.
mysql_connect("localhost","root","");
$kalimat = "dia sedang 'belajar'";
$hasilEscape = mysql_real_escape_string($kalimat);
echo $hasilEscape; // dia sedang \'belajar\'
?>
kalo kegunaan dalam web utk mencegah sql injection pd halaman login (yg saya tau)
contoh :
buat database test
buat tabel admin: username varchar(20) dan password varchar(20)
trus insert username sama passwordnya (terserah agan)
misal :
+----------+----------+
| username | password |
+----------+----------+
| joke | 123 |
+----------+----------+
login.html
<!-- login.html: posts the two fields "username" and "password" to cek.php,
     which reads them from $_POST. -->
<form action="cek.php" method="post">
username:<input type="text" name="username"/><br/>
password:<input type="password" name="password"/><br/>
<input type="submit" value="login"/>
</form>
cek.php
<?php
// cek.php, first version: request values are placed directly into the SQL text.
// This is the deliberately vulnerable variant the rest of the post contrasts against.
mysql_connect("localhost","root","");
mysql_select_db("test");
// $_POST values are used unmodified, so a quote character in the input ends the
// SQL string literal and the remainder of the input becomes part of the query.
$username = $_POST['username'];
$password = $_POST['password'];
// Demo output only: echoing raw request data into HTML is itself unsafe
// (it would need htmlspecialchars()), just like interpolating it into SQL below.
echo "<p>select * from admin where username = '$username' && password = '$password'</p>";
$query = mysql_query("select * from admin where username = '$username' && password = '$password'");
// mysql_query() returns false on error; that case is not handled here.
$row = mysql_fetch_array($query);
// Any row matching the (attacker-controllable) WHERE clause counts as a login.
if($row) echo "username dan password benar";
else echo "username dan password salah";
?>
buka login.html
coba isi username dan passwordnya sesuai yg di database (joke dan 123).
outputnya yg tampil :
select * from admin where username = 'joke' && password = '123'
username dan password benar
coba isi lagi dgn
username: test' or '1=1
password : test' or '1=1
outputnya yg tampil :
select * from admin where username = 'test' or '1=1' && password = 'test' or '1=1'
username dan password benar
bandingkan dgn cek.php yg ini
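<?php
// cek.php, second version: every request value is passed through
// mysql_real_escape_string() before it is placed inside a quoted SQL literal.
//
// Caveats for anyone reusing this:
//  - The mysql_* extension was deprecated in PHP 5.5 and removed in PHP 7.0.
//    On current PHP use mysqli or PDO with prepared statements, which keep the
//    query text and the data separate and do not depend on escaping at all.
//  - Escaping only protects values inside quoted string literals; it does not
//    help for numeric contexts, identifiers, LIMIT clauses, etc.
//  - The demo schema stores the password in plaintext and compares it in SQL;
//    real code should store password_hash() output and check with password_verify().
$link = mysql_connect("localhost","root","");
if (!$link || !mysql_select_db("test", $link)) {
    // Without a connection mysql_real_escape_string() cannot work correctly.
    die("koneksi database gagal");
}
// Called after the connection is open: the escaping follows the connection's charset.
$username = mysql_real_escape_string(isset($_POST['username']) ? $_POST['username'] : '', $link);
$password = mysql_real_escape_string(isset($_POST['password']) ? $_POST['password'] : '', $link);
$sql = "select * from admin where username = '$username' && password = '$password'";
// Demo output only: the query text contains request data, so it is escaped for
// the HTML context before being echoed back (SQL escaping is not HTML escaping).
echo "<p>" . htmlspecialchars($sql, ENT_QUOTES, 'UTF-8') . "</p>";
$query = mysql_query($sql, $link);
if ($query === false) {
    // mysql_query() returns false on error; without this check mysql_fetch_array()
    // would be called on false and the failure would be reported as a wrong login.
    die("query gagal: " . htmlspecialchars(mysql_error($link), ENT_QUOTES, 'UTF-8'));
}
$row = mysql_fetch_array($query);
if($row) echo "username dan password benar";
else echo "username dan password salah";
?>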
coba isi lagi dgn
username: test' or '1=1
password : test' or '1=1
outputnya yg tampil :
select * from admin where username = 'test\' or \'1=1' && password = 'test\' or \'1=1'
username dan password salah