if you are useing the processor.php script, you need to know that is potentially attackable with code ijections.
Here is a little solution that may help ya to fix SQL code injection, put this code at the beginning of your processor.php
Here is a little solution that may help ya to fix SQL code injection, put this code at the beginning of your processor.php
Code:
function sql_quote( $value ) { if( get_magic_quotes_gpc() ) { $value = stripslashes( $value ); } //check if this function exists if( function_exists( "mysql_real_escape_string" ) ) { $value = mysql_real_escape_string( $value ); } //for PHP version < 4.3.0 use addslashes else { $value = addslashes( $value ); } return $value; }