Closed rainworm closed 13 years ago
In this internal mail system, you are taking raw input data and inserting it into a MySQL database. You have left yourself wide open for a security issue known as SQL Injection.
I strongly advise, to use MySql function "mysql_real_escape_string".
greetings, rainworm
I will heed your advice and implement this, thanks! :)
Great to hear that. :)
In this internal mail system, you are taking raw input data and inserting it into a MySQL database. You have left yourself wide open for a security issue known as SQL Injection.
I strongly advise, to use MySql function "mysql_real_escape_string".
greetings, rainworm