04-23-2012, 04:56 AM
I would recommend using PDO as it protects you from MySQL injections.
$qry =("UPDATE `".$SiteSQL["config-database_db"]. "`.$table SET `a_item_idx$item` = 0 WHERE $table.`a_char_idx` =$chaid AND $table.`a_tab_idx` =$itemtype AND $table.`a_row_idx` =$row;");
To do this in a safe way, it would look something like this:
if( ctype_digit( $characterid ) && ctype_digit( $row ) && ctype_digit( $itemtype ) )
{
    // Table and column suffixes cannot be bound as parameters; %d forces them to integers
    $query = sprintf
    ("
        UPDATE
            %s.t_inven0%d
        SET
            a_item_idx%d = 0
        WHERE
            a_char_idx = :charid
        AND
            a_tab_idx = :itemtype
        AND
            a_row_idx = :row
    ",  $SiteSQL["config-database_db"],
        $lastdigit,
        $item );
    // The values are passed as named parameters, never concatenated into the SQL
    $dbh = $db->prepare($query);
    $dbh->execute( array( ':charid'   => $characterid,
                          ':itemtype' => $itemtype,
                          ':row'      => $row ));
}
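Added example, not part of the original post: a self-contained version of the same update that range-checks the table and column suffixes (identifiers cannot be bound in PDO) and binds the values. The function name `clearInventorySlot`, the 0-9 and 0-4 ranges, the omitted database prefix and the in-memory SQLite data are assumptions made for the demo.

```php
<?php
declare(strict_types=1);

// Hypothetical helper; table/column naming follows the post, ranges are assumed.
function clearInventorySlot(PDO $db, int $tableDigit, int $item,
                            string $charId, string $tab, string $row): int
{
    // Identifiers cannot be bound as parameters, so constrain them to known ranges.
    if ($tableDigit < 0 || $tableDigit > 9 || $item < 0 || $item > 4) {
        throw new InvalidArgumentException('table or item index out of range');
    }
    // Values must be plain digit strings; they are then bound, never concatenated.
    foreach ([$charId, $tab, $row] as $v) {
        if (!ctype_digit($v)) {
            throw new InvalidArgumentException('non-numeric value');
        }
    }
    $sql = sprintf(
        'UPDATE t_inven0%d SET a_item_idx%d = 0
         WHERE a_char_idx = :charid AND a_tab_idx = :itemtype AND a_row_idx = :row',
        $tableDigit,
        $item
    );
    $stmt = $db->prepare($sql);
    $stmt->execute([':charid' => $charId, ':itemtype' => $tab, ':row' => $row]);
    return $stmt->rowCount();
}

// Constructed demo data in an in-memory SQLite database (requires pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE t_inven03
           (a_char_idx INT, a_tab_idx INT, a_row_idx INT, a_item_idx2 INT)');
$db->exec('INSERT INTO t_inven03 VALUES (7, 1, 4, 99), (8, 1, 4, 55)');

// Legitimate request: clears the slot for character 7 only.
echo clearInventorySlot($db, 3, 2, '7', '1', '4'), " row(s) updated\n";

// Constructed malformed input: rejected before any SQL is built.
try {
    clearInventorySlot($db, 3, 2, '7', '1', '4 OR 1=1');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}

// The other character's item is untouched.
$check = $db->query('SELECT a_item_idx2 FROM t_inven03 WHERE a_char_idx = 8');
echo 'character 8 item: ', $check->fetchColumn(), "\n";
```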

