Sean Greenslade wrote:
>>
>
> [MASSIVE
SNIP]
>
> Well, from what I saw while wading through your
code, you allow
> unsanitized
> variables to be
concatenated to your queries. Big no-no! For ANY
>
client-generated variable, always sanitize with
mysql_real_escape_string.
> In
> fact, sanitize all your
variables. It can't hurt.
>
> Also, please don't take a
request for your entire code too literally. We
> don't like to see
pages and pages and pages of code, just the pertinent
> bits.
> --
> --Zootboy
>
> Sent from my PC.
>
Thanks to all, but it was an infinite loop. there was a
while ($_parent != "0") { } loop. In the loop the database
is queried. If the returned number of rows is greater than 0 then
perform then grab a $_parent from the database. At some point, there
must be a parent that is = 0 and the loop breaks. However, if the
page is called with category number that doesn't exist, then the if/then
clause is never true and $_parent never gets set to 0. I simply
added and else clause.
while ($_parent != 0)
{
if
($num_rows > 0)
{
perform some action
}
else
{
$_parent =
"0";
}
}
and that solved the
problem.
Thank you, everyone for your help.
Curtis
