seany123 Posted January 25, 2010

Someone is now telling me that by using a query like this:

    $query1 = $db->execute("SELECT * FROM users WHERE ref='$user->id' && rm >='1'");
    $amount = $query1->recordcount();

is easily hackable by an experienced hacker... however this isn't:

    $query1 = $db->execute("select * from `users` where `ref`=? and `rm`>=?", array($user->id, 1));
    $amount = $query1->recordcount();

Is that correct? Opinions please?

https://forums.phpfreaks.com/topic/189682-help-with-adodb/
Archived
This topic is now archived and is closed to further replies.