quote:
Originally posted by uno111
quote:
Originally posted by segosa
And if you want to see every single name his site contains, just do a little bit of SQL injection.
http://www.coolmessengernames.com/?c=-1%20or%201=1%20--
(tip: You might wanna fix that buddy. http://www.php.net/manual/en/security.database.sql-injection.php )
Wow ur leet!
How do you fix that? Is there a simple function as I already add slashes?
You add slashes to strings, but you don't handle numbers well. Just do an intval() on numbers.