php + mysql , I need help
2015-10-12, 04:12 AM,
#1
I just need help to set the database for this

Code:
}
    mysql_query("UPDATE leads SET total=total+".$_POST['payout']." WHERE tracking_id=".$_POST['tracking_id'],$conn);
    ?>

exemple de varialbles and all to create it.
thanks
Reply
2015-10-12, 06:57 AM,
#2
(2015-10-12, 04:12 AM)t0ks1ck Wrote: I just need help to set the database for this

Code:
}
    mysql_query("UPDATE leads SET total=total+".$_POST['payout']." WHERE tracking_id=".$_POST['tracking_id'],$conn);
    ?>

exemple de varialbles and all to create it.
thanks


First of all to make your App secure i would to recommend you use mysqli or PDO instead original mysql functions .

Now you need to get the total then modify it it's more secure
$tracking_id= $_POST['tracking_id'];
ex. mysql_query("SELECT total FROM leads WHERE tracking_id = '$tracking_id'");

$row->$user_total;

Then after get you get how mush user have you need store how mush the user will get from post back

$payout = $_POST['payout'];

$final_total = $payout + $user_total;
mysql_query("UPDATE leads SET total = $final_total WHERE tracking_id = '$tracking_id'");

By the way you need to practice your self with secure and clean coding

https://www.youtube.com/watch?v=a_kTH5y0...hCbCwKWF_N

Yes , i'm unique.
Reply
2016-09-08, 08:54 PM,
#3
its better to use prepared statements to avoid sql injection: http://dev.mysql.com/doc/refman/5.7/en/s...ments.html
like previously mentioned you need to secure your code! otherwise your server(s) will be hacked soon if code like that is running on your production servers ;)

♚♚♚ ARGO CONTENT GENERATOR ♚♚♚
The Leading SEO Website/WP AutoBlog/PBN Generator!

☆ ☆ ☆ https://argo-content.com ☆ ☆ ☆

SUMMER SALE! GET 20% OFF (SAVE +$50) WITH CODE: SSPCL2017
(FOR A LIMITED TIME ONLY!)
Reply
2016-09-19, 12:56 AM,
#4
Even with pdo your code is still vulnerable, you need to use prepared statements i think or at the very least check the user input to see if theyre trying a sql injection
Reply
2016-09-19, 01:55 AM,
#5
isn't that what i just said? :P lol

♚♚♚ ARGO CONTENT GENERATOR ♚♚♚
The Leading SEO Website/WP AutoBlog/PBN Generator!

☆ ☆ ☆ https://argo-content.com ☆ ☆ ☆

SUMMER SALE! GET 20% OFF (SAVE +$50) WITH CODE: SSPCL2017
(FOR A LIMITED TIME ONLY!)
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  Help Needed CPAgrip php script takumi 4 797 2017-01-24, 04:47 AM
Last Post: takumi
  SOME DATA IS NOT BEING INSERTED TO MYSQL DATABASE WITH PHP QwertySon 2 1,138 2016-11-21, 02:52 PM
Last Post: QwertySon
  need a php line help t0ks1ck 8 1,028 2016-09-08, 09:01 PM
Last Post: styx
  Looking for php - Coder tbonemaker 0 595 2016-02-29, 10:20 PM
Last Post: tbonemaker
  PHP Expert Help Please rajabadariqbal 5 737 2015-09-14, 11:44 AM
Last Post: rajabadariqbal




About Us | Contact Us | CPA Elites | Advertise | Stats | Staff Team

© 2013-2017 CPA Elites Ltd
Enhanced by MyBB and WallBB
Return to top