Thread: xBtiT v2.5.4
View Single Post
  #77  
Old 17th May 2017, 22:07
Chez's Avatar
Chez Chez is offline
Senior Member
 
Join Date: Sep 2011
P2P
Posts: 278
Default
Ok so first of all that's called SQL INJECTION. The ' tries to open/close a string in your mysql query. Try automate your code using PDO. Now for that error look into your php code and you can do this and see if it works.

instead of this:
PHP Code:
"VALUES ('$your_value') " 
use this:
PHP Code:
"VALUES ('"mysql_real_escape_string($your_value)  ."') " 
__________________
http://www.bvlist.com/images/avatars/signaturepics/sigpic16443_2.gif
Reply With Quote