Ramon-15 wrote: > > Hi all, > > I've written a php script, called test.php, consisting of the following > statements: > > <?php > error_reporting(E_ALL); > $query = $_GET['sql']; > echo $query; > ?> > Using the script with 'small' values for the parameter sql works fine. > Although, using the script with the sql query as specified below > > http://localhost/test.php?sql="SELECT orders_id, customers_id, > customers_name, customers_company, customers_street_address, > ---8<--- > last_modified >= 18991230 ) and orders_status in (1,2,3) and%2Ãnà > > I do not understand why the value of the sql parameter is truncated. Any > help is appreciated!! > > Thanks in advance! > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > i assume you are running into the max size limit(1024?) for $_GET, use _POST instead, furthermore you should apply some security measures! -- View this message in context: http://www.nabble.com/_GET%28%27name%27%29--truncates-tf3176524.html#a8814114 Sent from the PHP - General mailing list archive at Nabble.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
