Since you're new to this, always be sure to clean up the output you get from $_GET or $_POST to avoid sql injection. Fore example: $search_value = htmlentities($_GET['search_value'], ENT_QUOTES); If you're casting to something other than a string (such as int) than you're safe and you don't have to use htmlentities. -- itoctopus - http://www.itoctopus.com ""Jeff"" <akaman@xxxxxxxxxxx> wrote in message news:4B.85.42584.E9DF1064@xxxxxxxxxxxxxxx > Thank you Chris! > > "Chris" <dmagick@xxxxxxxxx> wrote in message > news:4601EFD9.2050103@xxxxxxxxxxxx > > Jeff wrote: > >> I want to thank you all for clearing me up on setting the > >> register_globals to ON issue!! I have refrained from doing so and my code > >> is running great with the $_GET. > >> > >> I am having NO trouble passing my "single" variable to the next page > >> using.. > >> > >> echo "<A href=\"char_edit_form.php?charid=$charid\">Edit</A>"; > >> > >> as when the next page that load actually shows the character info, so > >> basically you can see you are dealing with the correct record. > >> > >> NOW............. > >> > >> I want to pass two variables to a delete page. The charid and the char > >> name. Here is what I have but it will only pass the 1st variable ?charid > >> > >> echo "<A href=\"delete_char.php?charid=$charid > >> ?char=".$myrow["char_name"]."\">Delete</A>"; > > > > The first one is preceded by a ? > > > > Subsequent ones are with an '&'. > > > > See http://en.wikipedia.org/wiki/Query_string > > > > -- > > Postgresql & php tutorials > > http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
