Reply to Re: Problem with SELECT

Your name:

Reply:


Posted by Markus Ernst on 10/26/06 16:07

bokke schrieb:
> Hi,
>
> I have a page with a link
>
> <a href="Contributor.php?action=&SubCat=<?php echo $row["writer"];
> ?>"><?php echo $row["writer"];?></a>
>
> that does to a page with a SELECT
>
> $query = "SELECT * FROM news WHERE writer='$SubCat' ";

You are sure register_globals is on? Anyway it is recommended to use
$_GET['SubCat'].

> But it is not pulling any data from the database. If I do this
> $query = "SELECT * FROM news WHERE writer='Bob Smith' ";
> works great??
>
> also
> the ULR reads -
> Contributor.php?action=&SubCat=Bob%20Smith

So you have one record with 'Bob Smith' and another one with 'Bob%20Smith'?

Some recommendations:
- use urlencode() and urldecode() if you send GET data that could
contain any characters beyond a-z, A-Z and 0-9
- always pre-process transmitted data before putting them into the
database; also google for "SQL injectin" and "E-mail injection"
- regarding your HTML, use validator.w3.org to check it, and don't use a
strict XHTML doctype if you don't write strict XHTML.
- regarding posting, your message appears as a reply to an old thread in
my newsreader - was that your intention?

--
Markus

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация