GoFuckYourself.com - Adult Webmaster Forum - View Single Post

Smarty · 04-21-2008, 06:06 PM

Code:

$avatar = blah blah
$quote = blah Blah


mysql_query(UPDATE 'whatever' SET avatar = $avatar, quote = $quote and so on ... WHERE id = id ..)

make sure that when you show them teh form .. the values that are in teh database already shown in teh form .. and when they update something you just update all teh values.

Also teh script is a drama .. because you allow teh users to put everything in your database without any checking .. at least do a mysql escape on the posted vars.

04-21-2008, 06:06 PM
Smarty Registered User Join Date: Nov 2006 Posts: 11	Code: $avatar = blah blah $quote = blah Blah mysql_query(UPDATE 'whatever' SET avatar = $avatar, quote = $quote and so on ... WHERE id = id ..) make sure that when you show them teh form .. the values that are in teh database already shown in teh form .. and when they update something you just update all teh values. Also teh script is a drama .. because you allow teh users to put everything in your database without any checking .. at least do a mysql escape on the posted vars. __________________ The Best High Def Sites To Promote