a1exlism/php_ parameterized_queries

## php_ parameterized_queries
From:http://www.ahlinux.com/php/12992.html

<?php
//Example_1
$query = sprintf("SELECT * FROM Users where UserName='%s' and Password='%s'",
                  mysql_real_escape_string($Username),
                  mysql_real_escape_string($Password));
mysql_query($query);
//Example_2
$db = new mysqli("localhost", "user", "pass", "database");
$stmt = $mysqli -> prepare("SELECT priv FROM testUsers WHERE username=? AND password=?");
$stmt -> bind_param("ss", $user, $pass);
$stmt -> execute();
?>
	From:http://www.ahlinux.com/php/12992.html

	<?php
	//Example_1
	$query = sprintf("SELECT * FROM Users where UserName='%s' and Password='%s'",
	mysql_real_escape_string($Username),
	mysql_real_escape_string($Password));
	mysql_query($query);
	//Example_2
	$db = new mysqli("localhost", "user", "pass", "database");
	$stmt = $mysqli -> prepare("SELECT priv FROM testUsers WHERE username=? AND password=?");
	$stmt -> bind_param("ss", $user, $pass);
	$stmt -> execute();
	?>