My Comment bellow:
On Wednesday 15 October 2003 14:38, Kirk Babb wrote:
> Hi,
> I'm having trouble with a query inside a function. I thought I'd written
> this so that the function would fail if email and zipcode supplied were not
> in the same row (trying to use those two things to identify the user), but
> I don't think that is what is happening because I can enter the wrong
> zipcode and it will return data based on the email. Any suggestions or
> corrections? Thanks!
> -Kirk
>
> [code snippet]
> function getEditData($email,$zipcode) {
> $sql = "SELECT * FROM contact_info WHERE zipcode='$zipcode' AND
> email=\"{$email}\"";
Change by
$sql = "SELECT * FROM contact_info WHERE zipcode='{$zipcode}' AND
email='{$email}'";
> $query = mysql_query($sql);
> if (mysql_affected_rows()=="0") {
> $this->sendResult("Fail","We do not have the given email and zipcode
> on file. Please go to the menu and start again.");
> }
> [end snippet]
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
