I have a form and post to file.php
by AJAX like this:
<?php
$sql = $db->prepare("INSERT INTO warna SET id_warna='', nm_warna=? ");
$sql->bind_param("s", $nm_warna);
$sql->execute();
?>
Is it safe? Or what must I do to make it safe?
</div>