Open captn3m0 opened 10 years ago
Directly using $_POST values as strings without escaping in SQL queries is the greatest security sin a developer can commit.
Learn to write secure code. See 1 and 2 on how to improve.
Yes sir, I know about this. But since the app is going to be used in a local environment, I did not bother to address the security issues.