Code: Select all
mysql_query("update orders set contact_fname='$_POST[contact_fname]', contact_lname='$_POST[contact_lname]', contact_company='$_POST[contact_company]', contact_email='$_POST[contact_email]', contact_phone='$_POST[contact_phone]', contact_fax='$_POST[contact_fax]', contact_address='$_POST[contact_address]', contact_city='$_POST[contact_city]', contact_state='$_POST[contact_state]', contact_postcode='$_POST[contact_postcode]', contact_country='$_POST[contact_country]' where orderid='$orderid'") or die(mysql_error());Code: Select all
$contact_fname = makesafe($_POST[contact_fname]);
$contact_lname = makesafe($_POST[contact_lname]);
etc etcIf you could sehd some light, it would be greatly appreciated...