Name | Pop |
prepare("SELECT * FROM weapon where cost > '$searchPrice'");
if ($stmt->execute(array(200000000))) {
while ($row = $stmt->fetch()) {
print_r($row);
}
}
$dbh = null;
}
catch (PDOException $e) {
print "Error!: " . $e->getMessage() . "
";
die();
}
}
?>
prepare("INSERT INTO weapon values('$name','$cost','$lethality')");
$stmt->execute();
}
catch (PDOException $e) {
print "Error!: " . $e->getMessage() . "
";
die();
}
}
// Kill switch: execution stops here unconditionally, so neither handler
// below is reachable. The prepare() calls elsewhere in this file splice
// $name, $cost, $lethality and $searchPrice directly into the SQL text, and
// those values arrive unmodified from $_REQUEST. Keep this guard in place
// until those queries use placeholders with the values bound at execute().
exit("This app is not enabled .. it has an SQL injection attack problem");

// Request carries 'myButt': pass the three raw request fields to addAThing().
// Nothing is validated or escaped on the way in.
if (isset($_REQUEST['myButt'])) {
    addAThing($_REQUEST["name"], $_REQUEST["cost"], $_REQUEST["lethality"]);
}

// Request carries 'myButt2': pass the raw search value to searchAThing().
if (isset($_REQUEST['myButt2'])) {
    searchAThing($_REQUEST["searchPrice"]);
}
?>