MySQL Forums
Forum List  »  PHP

Re: What is wrong with this line?
Posted by: Peter Brawley
Date: December 31, 2018 09:07PM

1. Don't paste $_POST[] elements into a query without first verifying them and protecting against SQL injection, eg via mysqli_real_escape() or by using prepared statements.

2. the value in $_POST['uname'] appears to be a string, so it will need to be quoted. That appears to have triggered our err msg.

3. Every mysql call that can fail needs to invoke an error handler.

4. Your code will be much easier for you & others to debug if you structure it and lay it out with human readability in mind.

Options: ReplyQuote


Subject
Written By
Posted
December 31, 2018 07:32PM
Re: What is wrong with this line?
December 31, 2018 09:07PM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.