Skip to content
Carl Victor Fontanos
Carl Victor Fontanos

Carl Victor Fontanos

Software Engineer

I build web applications and share what I learn along the way.

© 2026

Tutorials

128 tutorials

Step-by-step programming tutorials on PHP, JavaScript, Laravel, WordPress and more.

PHP Intermediate

Your LIKE Search Has a Wildcard Injection Bug

Prepared statements stop SQL injection - but % and _ sail straight through into LIKE patterns, letting users dump whole tables or run pathological scans. The fix is three characters of escaping.

2 min 396
PHP Intermediate

preg_replace_callback: Regex Replacements With a Brain

When each match needs logic - lookups, formatting, escaping - preg_replace hits its ceiling. The callback variant runs code per match, and preg_quote keeps user input from breaking your patterns.

3 min 187