Quote:
Originally Posted by BestXXXPorn
All these people offering advice and nobody points out to you that you have a giant gaping massive security hole... never, Never, NEVER use GET or POST variables right in a fucking SQL statement...
|
You mean something like this ?
PHP Code:
$sql = "UPDATE table SET column='$_POST[bla]'";