Reply to Re: Update fails — PHP Language — IT news, forums, messages

Posted by Norman Peelman on 07/17/07 03:46

Kevin Raleigh wrote:
> I have user id from the url string. sorry forgot to mention it.
> http://www.myWebSite.org/validate?id=154&code=Ogtidw
>
> $userID = $_GET["id"];
> $secureID = $_GET["code"];
>
> Why would the update fail?
> Did I code it correctly?
>
> Thank You
> Kevin Raleigh
>
> "Rik" <luiheidsgoeroe@hotmail.com> wrote in message
> news:op.tvk8wiczqnv3q9@metallium...
> On Tue, 17 Jul 2007 04:42:30 +0200, Kevin Raleigh <kraleigh@sbcglobal.net>
> wrote:
>
>> The following code seems to be failing. Can you check my logic?
>> I am using this //>> notation in the body of the code to indicate my
>> questions and
>> comments
>> $check = mysql_query("SELECT * FROM user WHERE id = '$userID'")or
>> die("query
>> failed!");
>
> What is in $userID? Try to echo the query before performing it.
>
>
>

Remove the quotes from around $userID in the query... you don't need
them for numbers, only strings (generally speaking). And sanitize your
variables to prevent SQL Injections.

Norm

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация