Posted by Toby A Inkster on 05/10/07 08:39
Call Me Tom wrote:
> Thanks. That solved the problem.
But it will cause another (when $new_url contains a quote mark!)
This should be (more or less) indestructible:
$q2 = sprintf("UPDATE reports SET fsacars_rep_url='%s' WHERE pilot_id=%d;",
              mysql_real_escape_string($url_new),
              (int)$pid);
--
Toby A Inkster BSc (Hons) ARCS
http://tobyinkster.co.uk/
Geek of ~ HTML/SQL/Perl/PHP/Python/Apache/Linux
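
The same UPDATE written with bound parameters through PDO, as an added example that is not part of the original post. The in-memory SQLite table, the function name set_report_url and the sample values are constructed for illustration; the table and column names come from the post.

```php
<?php
// Added example: constructed schema and values, run against in-memory SQLite
// so it works offline. Table and column names are taken from the post.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE reports (pilot_id INTEGER PRIMARY KEY, fsacars_rep_url TEXT)');
$db->exec("INSERT INTO reports (pilot_id, fsacars_rep_url) VALUES (7, 'old'), (8, 'untouched')");

/**
 * Update one pilot's report URL with bound parameters (hypothetical helper).
 * Returns the number of rows changed.
 */
function set_report_url(PDO $db, $pid, string $url_new): int
{
    // Reject non-numeric ids instead of silently casting them to 0.
    $pid = filter_var($pid, FILTER_VALIDATE_INT);
    if ($pid === false) {
        throw new InvalidArgumentException('pilot_id must be an integer');
    }
    // Values travel separately from the SQL text, so quote marks in the
    // URL cannot change the shape of the statement.
    $stmt = $db->prepare(
        'UPDATE reports SET fsacars_rep_url = :url WHERE pilot_id = :pid'
    );
    $stmt->bindValue(':url', $url_new, PDO::PARAM_STR);
    $stmt->bindValue(':pid', $pid, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Constructed input: a URL containing quote marks and SQL-looking text.
$url_new = "http://example.com/rep?id=1' OR '1'='1";
$changed = set_report_url($db, '7', $url_new);

$rows = $db->query('SELECT pilot_id, fsacars_rep_url FROM reports ORDER BY pilot_id')
           ->fetchAll(PDO::FETCH_KEY_PAIR);

var_dump($changed === 1);            // check: exactly one row was updated
var_dump($rows[7] === $url_new);     // check: URL stored unchanged, quotes included
var_dump($rows[8] === 'untouched');  // check: the other pilot's row is unaffected
```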