Too true - this is why a page that I promised would only take a few minutes
winds up taking all week.

But it makes steady employment for the QA team...


On 2/24/04 10:37 AM, "Andy Armstrong" <[EMAIL PROTECTED]> wrote:

> Frank Flynn wrote:
>> And if you'd like to make wild carding optional keep your code the way it
>> is:
>>     $query .= " AND `model` LIKE '".$_GET['search']."'";
>> And put a comment on the web page "Use the % for wild cards".
>> The thing about:
>>       $query .= " AND `model` LIKE '%".$_GET['search']."%'";
>> Is it will return many results if $_GET['search'] is very small like one
>> letter.
> And bear in mind that there's could be a nasty SQL injection problem
> with that code if $_GET['search'] hasn't been SQL escaped in some way.

Frank Flynn
Poet, Artist & Mystic

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to