Raised This Month: $ Target: $400
 0% 

PHP/SQL Help!


Post New Thread Reply   
 
Thread Tools Display Modes
Author Message
quark
Veteran Member
Join Date: Oct 2011
Location: Your mind.
Old 09-16-2012 , 12:31   PHP/SQL Help!
Reply With Quote #1

PHP Code:
            $result mysql_query("SELECT * FROM sk1 WHERE nick = '$user'");
            
            if(
mysql_num_rows($result) > 0)
            { 
            echo 
"This nickname is already taken!";
            } else {
            
mysql_query("INSERT INTO `sk1` (`nick`,`password`,`steamID`) VALUES ('".$_POST['nick']."','".$_POST['pwd']."','".$_POST['steamID']."')") or die (mysql_error());
                        
            echo 
"Congratulations! You are now registered!";
            } 
So, this is not working. I can register 10000 times the same name. Any suggest?
__________________

Check out My Plugins:
qServerInfo ; ASKTAG
quark is offline
mabaclu
Senior Member
Join Date: Jun 2010
Location: Portugal
Old 09-16-2012 , 12:32   Re: PHP/SQL Help!
Reply With Quote #2

Instead of $user write ".$_POST['nick']."
__________________
mabaclu is offline
quark
Veteran Member
Join Date: Oct 2011
Location: Your mind.
Old 09-16-2012 , 12:34   Re: PHP/SQL Help!
Reply With Quote #3

What the.. It worked , ty
__________________

Check out My Plugins:
qServerInfo ; ASKTAG
quark is offline
xPaw
Retired AMX Mod X Moderator
Join Date: Jul 2008
Old 09-16-2012 , 12:38   Re: PHP/SQL Help!
Reply With Quote #4

So many opportunities for SQL injections!
__________________
xPaw is offline
mabaclu
Senior Member
Join Date: Jun 2010
Location: Portugal
Old 09-16-2012 , 12:38   Re: PHP/SQL Help!
Reply With Quote #5

Quote:
Originally Posted by xPaw View Post
So many opportunities for SQL injections!
LOL, poor innocent guy...
__________________
mabaclu is offline
quark
Veteran Member
Join Date: Oct 2011
Location: Your mind.
Old 09-16-2012 , 12:45   Re: PHP/SQL Help!
Reply With Quote #6

So, you want to help me?
__________________

Check out My Plugins:
qServerInfo ; ASKTAG
quark is offline
mabaclu
Senior Member
Join Date: Jun 2010
Location: Portugal
Old 09-16-2012 , 13:05   Re: PHP/SQL Help!
Reply With Quote #7

Search for the function mysql_real_escape_string
__________________
mabaclu is offline
Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 02:47.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode