NamePop

prepare("SELECT * FROM weapon where cost > '$searchPrice'");
        // NOTE(review): this page starts mid-statement. The function header, the
        // PDO connection setup and the object prepare() is called on are missing;
        // presumably this is the body of searchAThing() - confirm against the
        // original file.
        //
        // SQL injection: $searchPrice is interpolated into the SQL string before
        // prepare() receives it, so the statement text is built from the caller's
        // value and preparing it gives no protection. The query contains no
        // placeholder, so the 200000000 passed to execute() below has nothing to
        // bind to.
        // Mitigation: put a placeholder in the SQL text and pass the search price
        // through execute() instead of through the string.
        if ($stmt->execute(array(200000000))) {
            // Dump every row the statement returns with print_r().
            while ($row = $stmt->fetch()) {
                print_r($row);
            }
        }
        // Clear $dbh once the results have been printed.
        $dbh = null;
    } catch (PDOException $e) {
        // The PDOException message is printed into the response as-is. Driver
        // messages can expose query or schema details; consider logging them
        // server-side and showing a generic error instead.
        print "Error!: " . $e->getMessage() . "
";
        die();
    }
}
?> prepare("INSERT INTO weapon values('$name','$cost','$lethality')");
        // NOTE(review): the header of this second function is also missing from
        // the page (presumably addAThing() - confirm).
        //
        // SQL injection: $name, $cost and $lethality are interpolated into the
        // INSERT text, and execute() below is called with no bound values, so
        // quoting inside any of the three values changes the statement itself.
        // Mitigation: one placeholder per column, values supplied via execute().
        $stmt->execute();
    } catch (PDOException $e) {
        // Same as above: the raw exception message is printed to the client.
        print "Error!: " . $e->getMessage() . "
";
        die();
    }
}

// Kill switch: the script stops here on every request, so neither handler below
// is reachable. The message names the reason - the two prepare() calls above
// build their SQL by string interpolation. Removing this die() without first
// converting both queries to bound parameters re-exposes the injection.
die("This app is not enabled .. it has an SQL injection attack problem");

// "Add" handler (unreachable while the die() above is in place).
// Runs when the request carries 'myButt'. The three values are read from
// $_REQUEST, which is client-controlled, and are passed to addAThing() with no
// validation, type check or length limit; the keys themselves are not checked
// for existence before being read.
if( isset( $_REQUEST['myButt'])){
    $name = $_REQUEST["name"];
    $cost = $_REQUEST["cost"];
    $lethality = $_REQUEST["lethality"];
    addAThing($name,$cost,$lethality);
}

// "Search" handler (unreachable while the die() above is in place).
// Runs when the request carries 'myButt2'. The client-supplied searchPrice is
// handed to searchAThing() unchanged; a numeric check here would be a useful
// second layer, but it does not replace parameter binding in the query.
if( isset( $_REQUEST['myButt2'])){
    $searchPrice = $_REQUEST["searchPrice"];
    searchAThing($searchPrice);
}
?>