Closed ghost closed 6 years ago
I see you are doing escaping, but still, string concatenation, seems risky. mysqli is already there, just make all the queries parameterized to prevent injection
I see you are doing escaping, but still, string concatenation, seems risky. mysqli is already there, just make all the queries parameterized to prevent injection