Trying to inject php code into database.

[jbeitz107]

It doesn't inject anything in my database. Any ideas what i am doing wrong? Thanks guys

Updated forumulations that still will not inject into sql database

global $link;
mssql_select_db("UserLogin",$link);
mssql_query("INSERT INTO tblGMAddedTaneys VALUES Administrator = '$administrador', IP = '$ip', Taneys = '$mqueryx', DateTime = '$FechaYHora', ModdedAcct = '$userid' ");

This is my error.

Warning: mssql_query() [function.mssql-query]: message: Incorrect syntax near 'Administrator'. (severity 15) in C:\xampp\htdocs\gmadministpanel\GMTool\addtaneys.php on line 85

Warning: mssql_query() [function.mssql-query]: Query failed in C:\xampp\htdocs\gmadministpanel\GMTool\addtaneys.php on line 85

Ok figured out how to inject it. Was an error on my part but, how do I make it post the date and time for when the transaction happened in php code.
This is my fix so far.

global $link;
mssql_select_db("UserLogin",$link);
mssql_query ("INSERT INTO GMAddedTaneys(Administrator, IP, Taneys, DateTime, ModdedAcct)VALUES ('$administrador', '$ip', '$mqueryx', '$FechaYHora', '$userid')");

PROBLEM SOLVED!!!!


global $link;
mssql_select_db("UserLogin",$link);
mssql_query ("INSERT INTO GMAddedTaneys(Administrator, IP, Taneys, DateTime, ModdedAcct)VALUES ('$administrador', '$ip', '$mqueryx', GETDATE(), '$userid')");

Now I can keep a log of who adds what and from what IP address, date, time, an GM that performs this action. Now onto the ban creation for php. If anyone has an idea on how to do this please let me know. Thank you

Does anyone know that if I ban or supsend an account in my sql database if this will ban them effectively in the game? Thanks

[MentaL]