>> if(isset($_GET['id'])) { >> $id=$_GET['id']; >> $query = "select bin_data, filetype from binary_data where id=$id";
This is a really bad example, anybody can inject your query with malicious sql commands.
Never trust user supplied data.
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php