justAnoob Posted May 16, 2009 Share Posted May 16, 2009 <?php $sql = "DELETE * FROM xxxxxx WHERE id = '$variable'"; $result = mysql_query($sql); ?> If a user has the ability to click on a button to delete a record, is there such a thing as having an unsecure php file that does the deletion??? What should I look for??? Link to comment https://forums.phpfreaks.com/topic/158344-mysql-delete-question/ Share on other sites More sharing options...
Ken2k7 Posted May 16, 2009 Share Posted May 16, 2009 SQL injection. Link to comment https://forums.phpfreaks.com/topic/158344-mysql-delete-question/#findComment-835093 Share on other sites More sharing options...
ldougherty Posted May 16, 2009 Share Posted May 16, 2009 A good tutorial that should help you out.. http://www.tizag.com/mysqlTutorial/mysql-php-sql-injection.php Link to comment https://forums.phpfreaks.com/topic/158344-mysql-delete-question/#findComment-835101 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.