DEV Community

Discussion on: How To Fetch And Update Query In MySQL - PHP

Collapse
 
marcusatlocalhost profile image
Marcus

Nobody should follow this tutorial by Robert Look or Ajay kumar (who is the author of the liked article).

It's insecure and an open door for taking over your database.

$result = mysqli_query($conn,"SELECT * FROM users WHERE id='" . $_GET['userid'] . "'");
Enter fullscreen mode Exit fullscreen mode

I'm sorry but this low quality content is very discouraging using this site.

Nothing against beginner tutorials, but this is code that was already wrong 10 years ago!

Collapse
 
_garybell profile image
Gary Bell

Yes, bad practices. But it also only gives the code without explaining what it does. It might as well just say "copy and paste this, then hack it to fit your needs. Good luck"