Too true - this is why a page that I promised would only take a few minutes
winds up taking all week.
But it makes steady employment for the QA team...
On 2/24/04 10:37 AM, "Andy Armstrong" <[EMAIL PROTECTED]> wrote:
> Frank Flynn wrote:
>> And if you'd like to make wild carding optional keep your code the way it
>> $query .= " AND `model` LIKE '".$_GET['search']."'";
>> And put a comment on the web page "Use the % for wild cards".
>> The thing about:
>> $query .= " AND `model` LIKE '%".$_GET['search']."%'";
>> Is it will return many results if $_GET['search'] is very small like one
> And bear in mind that there's could be a nasty SQL injection problem
> with that code if $_GET['search'] hasn't been SQL escaped in some way.
Poet, Artist & Mystic
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php