Jump to content

gmaster_PT

New Members
  • Posts

    6
  • Joined

  • Last visited

gmaster_PT's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. ok with $sql = stripslashes(substr($_POST['tag'], 15, 2000)); stripslashes its what i need thankss all for the help.
  2. ok now i get an syntax error because php put the query like this "\'pgtobtn=\'n' way this \ added to the query????? thanks alll
  3. no my database its set to varchar if i put manualy it keeps only when i try to update via php dont do nothing...
  4. hi all <?php if (substr($_POST['tag'], 0, 15) == 'chave|commando|'){ include 'db_con.php'; session_start(); $sql = substr($_POST['tag'], 15, 2000); $result = mysql_query($sql); mysql_close($con); echo $results; } else { "<script>window.location = 'http://www.google.com'</script>"; } ?> the tag recive "Update config_hal SET pgtobtn = 5 " if i send the tag like that this works fine ... if i try to send like that "Update config_hal SET pgtobtn = N " this dont work... i know that i should write something like this "Update config_hal SET pgtobtn = 'N' " but also dont work can anybody tellme whats wrong with my code????
  5. sorry im new at this forum... and the $sql recive something like "UPDATE table SET pgtobtn = S" i know that it should be with coutes how i can move the topic??? thanks alll
  6. hi all i have this code <?php if (substr($_POST['tag'], 0, 15) == 'chave|commando|'){ include 'db_con.php'; session_start(); $sql = substr($_POST['tag'], 15, 2000); mysql_real_escape_string(); $result = mysql_query($sql); //if(mysql_num_rows($result) > 0) //while($row=mysql_fetch_row($result,MYSQL_ASSOC)) //$results=$row['nome'].";".$row['creditos'].";".$row['comeu'].";".$row['entradasp'].";".$row['saidasp'].";".$row['entradast'].";".$row['saidast'].";".$row['percmax'].";".$row['percmin'].";".$//row['premio']; mysql_close($con); echo $results; } else { "<script>window.location = 'http://www.google.com'</script>"; } ?> this codes recives a complete string from vb.net aplication the problem is this code updates ok if the string contains only number but if i try to send any leters they dont write or insert on my sql can anybody tellme way ? i think that it because of quotes but i dont know how to use it.. realy thanks alll
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.