Németh Zoltán wrote:
> On cs, 2007-01-18 at 02:04 -0800, pub wrote:
>> On Jan 18, 2007, at 2:00 AM, Németh Zoltán wrote:
>>
...
> maybe you should use a parameter for it, place it into the link in the
> first query loop, get it here and query based on it
>
> like "SELECT * FROM job WHERE id={$_GET['job_id']}" or whatever
SQL INJECTION WAITING TO HAPPEN.
...
>> foreach($row as $url)
>> {
>> $row = mysql_fetch_array($result2,MYSQL_ASSOC);
>> if ("url={$row['url']}")
what is this IF statement supposed to be doing???
because it will always evaluate to true
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
