My Comment bellow:

On Wednesday 15 October 2003 14:38, Kirk Babb wrote:
> Hi,
> I'm having trouble with a query inside a function.  I thought I'd written
> this so that the function would fail if email and zipcode supplied were not
> in the same row (trying to use those two things to identify the user), but
> I don't think that is what is happening because I can enter the wrong
> zipcode and it will return data based on the email.  Any suggestions or
> corrections? Thanks!
> -Kirk
>
> [code snippet]
> function getEditData($email,$zipcode) {
>     $sql = "SELECT * FROM contact_info WHERE zipcode='$zipcode' AND
> email=\"{$email}\"";

Change by 
$sql = "SELECT * FROM contact_info WHERE zipcode='{$zipcode}' AND 
email='{$email}'";

>     $query = mysql_query($sql);
>     if (mysql_affected_rows()=="0") {
>       $this->sendResult("Fail","We do not have the given email and zipcode
> on file.  Please go to the menu and start again.");
>     }
> [end snippet]

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to