Posted by Rik on 05/06/06 15:26

ste wrote:
> <?php
> include("databasepasswords");
> if (isset($_GET['pageno'])) {
> $pageno = $_GET['pageno'];

Tssk, if thought I told you to escape GET variables if used in queries :-).
$pageno = mysql_real_escape_string(_GET['pageno'],$connection);

> $query = "SELECT count(*) FROM images ".$where;
> $result = mysql_query($query) or trigger_error("SQL", E_USER_ERROR);

As said, $where whould be set BEFORE this query.

> $query = "SELECT * FROM images ORDER BY dateadded,
> datetaken DESC $limit ".$where ;

Echo this query and you'll see what's wrong. It should be

$query = "SELECT * FROM images ORDER BY `dateadded`, `datetaken` DESC $where
$limit";

Wether your code creates proper pages I'm not going to check.

For future reference:
Echoing variables after they are set or print_r() arrays will make a lot
more clear to you in debugging.
In this instance, echoing the query would have told you right away the query
was composed in the wrong order.

Grtz,
--
Rik Wasmus

[Back to original message]