On Monday 20 December 2004 03:54, Chris Shiflett wrote:
> --- Brad Ciszewski <bradcis@xxxxxxxxxxx> wrote:
> > Please help me figure out what I did wrong.
> >
> > *connects to database*
> >
> > $email = $_POST["email"];
> >
> > $checkEmail = mysql_query("SELECT *
> > FROM memberInformation
> > WHERE email = '$email'");
>
> Please read this:
>
> http://php.net/manual/security.database.sql-injection.php
After you've digested that, you should study the examples in manual > MySQL
functions to see how to connect, query, and obtain results from MySQL, and
how to check for errors.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
question = ( to ) ? be : ! be;
-- Wm. Shakespeare
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
