[quest_string]=$_server kname=1 '+ and @' ' '+ or + the if (substr (user (), 1, 4)=' root ', 1, exp (710)) #
CodePudding user response:
The data the user fills in on the form contains SQL keywords, which makes an illegal database SQL statement. It is suggested to use parameterized SQL queries to avoid user injection.
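The parameterized-query approach suggested in the answer above, shown next to string concatenation, as an added example that is not part of the original thread. It uses Python's `sqlite3` with an in-memory database; the `users` table, its rows, the function names and the form values are all constructed for illustration.

```python
import sqlite3

# Constructed form values: one with SQL keywords, one with a stray quote.
FORM_VALUE = "x' OR '1'='1"
QUOTED_NAME = "o'brien"


def make_db():
    """Build a constructed in-memory table to query against."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, kname TEXT)")
    db.executemany("INSERT INTO users (kname) VALUES (?)",
                   [("alice",), ("bob",), ("root",)])
    return db


def lookup_concatenated(db, kname):
    """Before: the form value is pasted into the statement text, so any
    quotes or keywords in it are parsed as part of the SQL."""
    sql = "SELECT kname FROM users WHERE kname = '" + kname + "' ORDER BY id"
    return [row[0] for row in db.execute(sql)]


def lookup_parameterized(db, kname):
    """After: the statement text is fixed and the value is bound
    separately, so it is only ever compared as data."""
    sql = "SELECT kname FROM users WHERE kname = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (kname,))]


if __name__ == "__main__":
    db = make_db()
    for value in ("alice", FORM_VALUE, QUOTED_NAME):
        try:
            concat = lookup_concatenated(db, value)
        except sqlite3.OperationalError as exc:
            concat = "illegal statement: %s" % exc
        print(repr(value))
        print("  concatenated :", concat)
        print("  parameterized:", lookup_parameterized(db, value))
```

With the concatenated form, the keyword-bearing value changes which rows match and the stray quote produces a statement the database rejects; with the bound parameter both values simply match no row.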