Warning: You are wide open to SQL Injections and should really use parameterized prepared statements instead of manually building your queries. They are provided by PDO or by MySQLi. Never trust any kind of input, especially that which comes from the client side. Even when your queries are executed only by trusted users, you are still in risk of corrupting your data.
Hey Kamil,
Thanks for your constructive feedback. Yes you are right, my code is prone to SQL injection, actually My point was to explain the procedure to send OTP in PHP
Thanks :)
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Warning: You are wide open to SQL Injections and should really use parameterized prepared statements instead of manually building your queries. They are provided by PDO or by MySQLi. Never trust any kind of input, especially that which comes from the client side. Even when your queries are executed only by trusted users, you are still in risk of corrupting your data.
Hey Kamil,
Thanks for your constructive feedback. Yes you are right, my code is prone to SQL injection, actually My point was to explain the procedure to send OTP in PHP
Thanks :)