On February 23, 2009 15:34:58 revDAVE wrote:
> Hi folks,
> //but this does not..
> $updateSQL ="UPDATE `mytable` SET thetotal=$amt WHERE
> id=$_SESSION['thisid']";
> Q: How can I fix it?

try :
 $updateSQL ="UPDATE `mytable` SET thetotal=$amt WHERE

or even better:
 $updateSQL ="UPDATE `mytable` SET thetotal=".mysql_real_escape_string($amt).
  " WHERE id=".mysql_real_escape_string($_SESSION['thisid']);

substituting mysql_real_escape_string with the escape function for your 
Philip Graham
Lightbox Technologies
Suite 312 240 Catherine St.
Ottawa, ON, K2P 2G8
613-686-1661 ext. 102

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to