by Nilithus 874 days ago
This is insecure code that is susceptible to SQL injection. Check out https://phptherightway.com/#databases and read the PDO section. It gives almost your exact code as an example of what not to do. Look at using PDO bound parameters. You never want to concatenate strings together to create SQL, especially with strings that come from untrusted sources.
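The contrast the comment draws, as an added example that is neither the commenter's code nor taken from the linked guide: the string-concatenated query beside the PDO bound-parameter version. It assumes an in-memory SQLite database, a constructed `users` table with two sample rows, and the hypothetical helper names `findUserConcat` and `findUserBound`; the attacker input is likewise constructed.

```php
<?php
// Added example (not from the HN comment or phptherightway.com): the
// concatenation the comment warns against, beside the PDO bound-parameter
// version it recommends. Runs offline against an in-memory SQLite database;
// the table, rows and attacker input are constructed sample data.
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    // Ask the driver for native prepared statements instead of client-side
    // emulation (mainly matters for pdo_mysql; harmless for pdo_sqlite).
    PDO::ATTR_EMULATE_PREPARES => false,
]);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT NOT NULL, email TEXT NOT NULL)');
$pdo->exec("INSERT INTO users (username, email) VALUES ('alice', 'alice@example.com'), ('bob', 'bob@example.com')");

// Attacker-controlled value (constructed). As a literal username it matches
// nobody; once spliced into SQL text, the trailing OR clause matches every row.
$untrusted = "nobody' OR '1'='1";

// Vulnerable: the untrusted value becomes part of the SQL statement itself.
function findUserConcat(PDO $pdo, string $username): array
{
    $sql = "SELECT username, email FROM users WHERE username = '" . $username . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Safe: the SQL text is fixed at prepare time; the value is sent separately
// as a bound parameter and can never change the statement's structure.
function findUserBound(PDO $pdo, string $username): array
{
    $stmt = $pdo->prepare('SELECT username, email FROM users WHERE username = :username');
    $stmt->bindValue(':username', $username, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

printf("concat: %d row(s) returned\n", count(findUserConcat($pdo, $untrusted)));
printf("bound:  %d row(s) returned\n", count(findUserBound($pdo, $untrusted)));
```

Run with `php example.php` (the `pdo_sqlite` extension must be enabled). The concatenated query returns both sample users because the injected `OR '1'='1'` is true for every row; the bound query returns nothing because the whole string, quote and all, is compared as a single username value. The same `prepare`/`bindValue`/`execute` pattern applies unchanged to INSERT, UPDATE and DELETE statements.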