Greenguy's Board - View Single Post

cd34 · 2009-01-01, 09:01 AM

after the insert do:

print mysql_error();

If there is an error on the insert, this will at least tell you what it is.

Based on your code, if your data contains an apostrophe in the data ('), it will also crash. If your code isn't doing any validation of the values, your application will be susceptible to SQL injection. Doing it on this insert might be somewhat benign, but, if they hit the right combination, you could suffer some data loss or worse, data that should be private will be exposed.

2009-01-01, 09:01 AM	#2
cd34 a.k.a. Sparky Join Date: Sep 2004 Location: West Palm Beach, FL, USA Posts: 2,396	after the insert do: print mysql_error(); If there is an error on the insert, this will at least tell you what it is. Based on your code, if your data contains an apostrophe in the data ('), it will also crash. If your code isn't doing any validation of the values, your application will be susceptible to SQL injection. Doing it on this insert might be somewhat benign, but, if they hit the right combination, you could suffer some data loss or worse, data that should be private will be exposed. __________________ SnapReplay.com a different way to share photos - iPhone & Android