Since I am assuming "Type" is a text field, you will want to enclose it
in single quotes. Also, because I am anal retentive, I like to also use
the addslashes() function on any input coming in on the GET string or
via a POST. Also, since all variables are preceded by a $ character,
your call to mysql_query will fail.
So, I would change your code to something like this:
$type = addslashes($_GET['type']);
$sql = "SELECT * FROM tbCategory WHERE Type ='$type' order by style";
$resultID = mysql_query($sql, $db);
HTH!
--Sam
Alistair Hayward wrote:
> This is what I have:
> <?php
>
> $connection = mysql_connect("localhost","root","batman");
> if (!$connection) {
> echo "Couldn't make a connection!";
> exit;
> }
> $db = mysql_select_db("sealhouse", $connection);
> if (!$db) {
> echo "Couldn't select database!";
> exit;
> }
> $type = $_GET['type'];
> $sql = "SELECT * FROM tbCategory WHERE Type =$type order by
style";
> $resultID = mysql_query($sql, DB);
>
>>
>
>
> Chris W. Parker wrote:
>
>> Alistair Hayward <mailto:[EMAIL PROTECTED]>
>> on Wednesday, March 10, 2004 2:46 PM said:
>>
>>
>>> This is what I get when I try to create the recordset....
>>>
>>> Notice: Use of undefined constant DBlink - assumed 'DBlink' in
>>> D:\Development\Completed\Sealhouse\phpSealTest\ProductSpecs.php on
>>> line 24
>>
>>
>> well you're going to need to do a *little* research on your own.
>>
>> oh what the heck...
>>
>> DBlink is the same as your cnn in your asp code. in other words you
>> still need to create a connection to a database.
>>
>>
>>
>> chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
