ChangePassword - Printable Version
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: ChangePassword (/showthread.php?tid=586025)
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: ChangePassword (/showthread.php?tid=586025)
ChangePassword - Andrei04072 - 18.08.2015
It does not work this command.
PHP код:
<?php
include 'includes/config.php';
redirect_not_logged();
include 'includes/header.php';
if(isset($_POST['sbm'])){
$mail = sec($_POST['mail']);
$tskin = "UPDATE playeraccounts SET playerEmail = '$mail' WHERE playerName = '$username'";
mysql_query($tskin);
header('location: index.php');
}
?>
<div class="main-content">
<div class="page-content">
<div class="span12">
<div class="row-fluid">
<div class="span12">
<div class="page-header">
<h1>Change Email</h1>
</div>
<table id="loginstyle">
<tr>
<label for="email">New email:</label><input name="mail" type="text" value="" id="instyle">
</tr>
<tr>
<td colspan="3" style="color:#FF0000;font-weight:bold;">
</td>
</tr>
</table>
</form>
<input class="btn btn-inverse" name="sbm" type="submit" value="Set mail">
</div>
</div>
</div>
</div>
</div>
Re: ChangePassword - Andrei04072 - 18.08.2015
Help me please
Re: ChangePassword - Abagail - 18.08.2015
You don't escape your strings, this can lead to SQL injection - you should escape the strings to avoid unwanted database access. The reason it's probably not working is because you don't have an opening <form> bracket, though this is more of a web question - this section is for PAWN scripting.
Код:
<form name="form_name_goes_here" method="POST">
Re: ChangePassword - Andrei04072 - 18.08.2015
Quote:
|
Originally Posted by Abagail
 You don't escape your strings, this can lead to SQL injection - you should escape the strings to avoid unwanted database access. The reason it's probably not working is because you don't have an opening <form> bracket, though this is more of a web question - this section is for PAWN scripting.
Код:
<form name="form_name_goes_here" method="POST"> |