Sorry, i meant: mysql_escape_string( $value ) I use a class to handle accessing the database, and i named the function $db->quote(...); i keep forgetting that the actual function call that the class is making ;-)
And yes, validating that it's an integer works also, but even after pregging vars to all hell and back to verify contents, i still quote. i'm paranoid. :) --- Scott Hurring Systems Programmer EAC Corporation [EMAIL PROTECTED] Voice: 201-462-2149 Fax: 201-288-1515 > -----Original Message----- > From: 1LT John W. Holmes [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, June 05, 2002 5:10 PM > To: Scott Hurring; Php-General (E-mail) > Subject: Re: [PHP] Passing variable to new page and pulling > the rest of > info from database > > > Or simply just validate it's an integer, like it should be, > like you would > do with any user input... > > There is no mysql_quote() function...or am I missing something? > > ---John Holmes... > > ----- Original Message ----- > From: "Scott Hurring" <[EMAIL PROTECTED]> > To: "Php-General (E-mail)" <[EMAIL PROTECTED]> > Sent: Wednesday, June 05, 2002 4:30 PM > Subject: RE: [PHP] Passing variable to new page and pulling > the rest of info > from database > > > > Ahhh! quote that ID number before using it in a query! :) > > > > // for mysql > > mysql_quote($_GET['ID']); > > > > --- > > Scott Hurring > > Systems Programmer > > EAC Corporation > > [EMAIL PROTECTED] > > Voice: 201-462-2149 > > Fax: 201-288-1515 > > > > > -----Original Message----- > > > From: 1LT John W. Holmes [mailto:[EMAIL PROTECTED]] > > > Sent: Wednesday, June 05, 2002 4:29 PM > > > To: Igor Portnoy; [EMAIL PROTECTED] > > > Subject: Re: [PHP] Passing variable to new page and pulling > > > the rest of > > > info from database > > > > > > > > > SELECT * FROM table WHERE ID = $_GET['ID'] > > > > > > Then create a page to display all of that information. Look > > > at the mysql > > > functions and learn some PHP. We can't help you without > > > knowing what's in > > > your table and how you want it displayed, etc... > > > > > > So keep learning and reading and you'll figure out how to > do it. Your > > > question is way to broad for any help... > > > > > > ---John Holmes... > > > > > > ----- Original Message ----- > > > From: "Igor Portnoy" <[EMAIL PROTECTED]> > > > To: <[EMAIL PROTECTED]> > > > Sent: Wednesday, June 05, 2002 2:40 PM > > > Subject: [PHP] Passing variable to new page and pulling the > > > rest of info > > > from database > > > > > > > > > Hello, > > > > > > > > > > > > I am passing a variable to the new page, when user clicks > on the link. > > > Something like that: > > > > > > <a href="showimage.php?ID=38"><img src="/some/image.jpg"></a> > > > > > > > > > > > > How can I extract all other information out of my > database for that ID > > > in the next page (showimage.php)? > > > > > > > > > > > > Thanks > > > > > > > > > > > > > > > > > > > > > -- > > > PHP General Mailing List (http://www.php.net/) > > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
