I am including the value of the day for the database, I want to assume that the day already exists It should be said that the day already exists, it should Innsert..please anyone can check the following code ... Thanks in advance
$ dexist = $ _ POST [' Ext ']; $ Res = mysql_query ("Select from day to day where day = '". $ Dexist. "' '"); While ($ line = mysql_fetch_array ($ res)) {$ dy = $ line ['day']; } If ($ dy == $ dexist) {echo "& lt; script language = \" javascript \ "& gt;"; Echo "window.alert ('file already exists');"; Echo "// - -> "; } Else {mysql_query ("Enter date, day, breakfast, starttime, endimeb, lunch, starttime, endimemail, dinner, starttime, endimaid) values (''. $ Date. '', '". $ Day. " ',' '.' ',' '.' '$ Bree. "". $ BRE. "', '". $ Lun. "', '". $ LUNs. "', '". $ Lune "','" $ Dinn ", '" $ Dins "," "$ food"') ") .......}
Your script screams with "SQL injection"! Please my site pwn!
In addition: Your code synchronization problem For example, for example, a file can be created after you run a selected statement, but before you run the INSERT statement, this will be the reason for the strange failures. This is the reason that you have a single stored job "Select and insert" in the form (Read on nuclear operations - more specifically, this is an example of "comparison and swap")
No comments:
Post a Comment