-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Am Montag, 30. Juni 2003 20:10 schrieb Pushpinder Singh Garcha: > Hello , > > Can someone tell me what is wrong with the following querys ? I am > pretty sure its got something to do with the quotes around $_POST[] > variables. > > $sql1 = "SELECT * from `admin` where `admin`.user = > '"$_POST['validuser']"' AND `admin`.pwd = '"$_POST['password']"'"; > > $sql1 = "SELECT * from `admin` where user = "$_POST['validuser']" AND > pwd = "$_POST['pass']""; You have forgotten to set the 'dots' 8-)
$sql1 = "SELECT * from `admin` where `admin`.user = '" . $_POST['validuser'] . "' - --^^^^---------------------^^^^^ AND `admin`.pwd = '" . $_POST['password'] . "'"; - ----------------------------------^^^^--------------------------^^^^^ That's it. CU Thorsten have fun - -- Thorsten Körner http://www.123tkShop.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) iD8DBQE/AIMZs5R35vLkl/cRAhzpAKCigPBeox92GTtjbGu8Ydiu5NlxIQCgqy27 SFw6/nEAUy4nsAvMzaQiFQk= =Axl+ -----END PGP SIGNATURE----- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
