How to prevent sql injection in php mysqli

basically have two options to achieve this:
1. Using MySQLi (for MySQL):

Example: Using MySQLi (for MySQL)

<?php
$users_name = $dbConnection->prepare('SELECT * FROM users WHERE name = ?');
$users_name->bind_param('s', $name); // 's' specifies the variable type => 'string'
$users_name->execute();
$result = $users_name->get_result();
while ($row = $result->fetch_assoc()) {
// do something with $row
}
?>

2. Using PDO (for any supported database driver):

Example: Using PDO:

<?php
$users_name = $pdo->prepare('SELECT * FROM employees WHERE name = :name');
$users_name->execute(array('name' => $name));
foreach ($users_name as $row) {
// do something with $row
}
?>

3. Escaping Strings
Escaping string helps in removing special characters for use in SQL statements. It also takes into account current charset of the connection.

Example: Escaping Strings:

<?php
$user_name = mysqli_real_escape_string($con, $_POST["user_name"]);
$password = mysqli_real_escape_string($con, $_POST["password"]);
mysqli_close($con);
?>

sql injection
How to prevent sql injection in php mysqli - php mysqli

Online Editor

ONLINE EDITOR

news templates

COLOR PICKER

news templates

This tool makes it easy to create, adjust, and experiment with custom colors for the web.

HTML Templates

Magnews2 is a modern and creative free magazine and news website template that will help you kick off your online project in style.

CSS HTML Layout

Find here examples of creative and unique website layouts.

Free CSS HTML Menu

Find here examples of creative and unique website CSS HTML menu.