我的代码
<?php
if(isset($_GET["t"])){
if(is_int($_GET["t"])){
//redirect this person back to homepage
} else {
require('db.php');
$val = mysqli_real_escape_string($connectivity, $_GET['t']);
$db = mysqli_connect('localhost', 'root', '', 'college');
$query="select * from college where Id=$val";
$result=mysqli_query($db,$query);
while($row=mysqli_fetch_array($result,MYSQLI_ASSOC)){
echo $row['Name'].$row['Description'].'</br>'; };
}};
?>
如何防止此处的sql注入并且我也不想使用pdo。我还需要通过alter update drop语法来阻止(')sign命令,如果将它们键入将其重定向到404