<?
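/**
 * Prepare a request value for the double-quoted string literal in this
 * script's UPDATE query.
 *
 * Steps: trim surrounding whitespace, HTML-encode with htmlspecialchars()
 * (default flags), then SQL-escape with mysql_real_escape_string().
 * The SQL escaping runs last so that nothing is applied to the string after
 * it has been escaped for the query.
 *
 * Review notes:
 *  - mysql_real_escape_string() is only charset-aware when the connection
 *    charset was set with mysql_set_charset(); the ext/mysql API is
 *    deprecated since PHP 5.5 and removed in PHP 7.0. Prepared statements
 *    (mysqli or PDO) are the durable fix.
 *  - The stored value is HTML-encoded. With the default flags single quotes
 *    are left as-is, so the result is not safe to place inside a
 *    single-quoted HTML attribute.
 *
 * @param mixed $value Raw request value (normally a string from $_POST).
 * @return string Escaped value; '' for null, arrays and other non-scalars.
 */
function security($value)
{
    // A field submitted as name[]=... arrives as an array; trim() would
    // warn on it and yield an empty result, so return '' explicitly.
    if (!is_scalar($value)) {
        return '';
    }

    $value = trim((string) $value);
    $value = htmlspecialchars($value);

    // Escape for the SQL sink as the final transformation.
    return mysql_real_escape_string($value);
}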
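// Handles the "change name" form: on submit, updates the current user's name
// and redirects to the site root; otherwise renders the form.
//
// Review notes:
//  - This state-changing POST carries no anti-CSRF token; add a per-session
//    token to the form and verify it before running the UPDATE.
//  - ext/mysql (mysql_query etc.) is deprecated since PHP 5.5 and removed in
//    PHP 7.0; move to prepared statements with mysqli or PDO.
//  - The file opens with the short tag "<?"; with short_open_tag disabled
//    the source would be sent to the client as text. Prefer "<?php".

// Read the field only when it was sent, so a plain GET raises no
// undefined-index notice.
$name = isset($_POST['name']) ? security($_POST['name']) : '';

if (isset($_POST['submit'])) {
    // $user is populated outside this section; escape its id too rather
    // than trusting it to be safe inside the quoted literal.
    $userId = mysql_real_escape_string((string) $user['id']);

    $updated = mysql_query('UPDATE `user` SET `name` = "'.$name.'" WHERE `id` = "'.$userId.'"');
    if ($updated === false) {
        // Record the failure server-side; never echo DB errors to the client.
        error_log('user name update failed: '.mysql_error());
    }

    // The original exit(header(...)) was missing a closing parenthesis and
    // did not parse; send the redirect, then stop.
    header('Location: /');
    exit;
}

echo '<form action="" method="post">
Имя
<input type="text" name="name"/>
<input type="submit" value="Сохранить" name="submit"/>
</form>';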
?>