Sean Greenslade wrote:
[MASSIVE
SNIP]
Well, from what I saw while wading through your
code, you allow
unsanitized
variables to be
concatenated to your queries. Big no-no! For ANY
client-generated variable, always sanitize with
mysql_real_escape_string.
In
fact, sanitize all your
[SNIP]
added and else clause.
while ($_parent != 0)
{
if
($num_rows 0)
{
perform some action
}
else
{
$_parent =
0;
}
}
and that solved the
problem.
Thank you, everyone for your help.
Curtis
A small remark:
I think it is good programming practice to
2 matches
Mail list logo