Hello fellow PHP coders,
I've started working on a hobby i've wanted to do for ages, however, I've come across a problem, I know basic level of php, I'm just wondering if someone would be kind enough to point me in the way, and/or giveme a hand in the hobby i'm doing.
Location: Beware of programmers carrying screwdrivers
You have some SQL Injection vulnerabilities in that code.
add_slashes() is not a sufficient form of sanitisation. -- You should be using mysql_real_escape_string() for your user input (any $_GET/$_REQUEST/$_POST/$_COOKIE etc) variables.