PHP Code:
if($db->stmt = $db->prepare("UPDATE profile_about SET bio = '" . $bio . "' WHERE user_id = '" . USER_ID . "'")) {
$db->stmt->execute();
$db->stmt->close();
}
if($db->stmt = $db->prepare("UPDATE profile_about SET facebookUrl = '" . $fb . "' WHERE user_id = '" . USER_ID . "'")) {
$db->stmt->execute();
$db->stmt->close();
}
if($db->stmt = $db->prepare("UPDATE profile_about SET twitterUrl = '" . $tw . "' WHERE user_id = '" . USER_ID . "'")) {
$db->stmt->execute();
$db->stmt->close();
}
if($db->stmt = $db->prepare("UPDATE profile_about SET flag = '" . $flag . "' WHERE user_id = '" . USER_ID . "'")) {
$db->stmt->execute();
$db->stmt->close();
}
if($db->stmt = $db->prepare("UPDATE profile_about SET youtube_url = '" . $yt . "' WHERE user_id = '" . USER_ID . "'")) {
$db->stmt->execute();
$db->stmt->close();
}
People really need to learn how to use prepared statements properly.
OVERKILL MUCH!