On Aug 9, 2011, at 7:42 AM, Jasper Mulder wrote:
> Date: Tue, 9 Aug 2011 07:30:47 -0500
> From: chrisstinemetz@xxxxxxxxx
> To: tamouse.lists@xxxxxxxxx
> CC: php-general@xxxxxxxxxxxxx
> Subject: Re: pass text variables to next page
>
> Thank you Tamara.
>
> Not sure if I am doing it right. It looks like the last single quote
> is being escaped.
> [SNIP]
> The query:
>
> $sql = "SELECT store_id, store_subject
> FROM stores
> WHERE store_subject = '" .
mysql_real_escape_string($_GET['id']."'");
>
>
> Thank you,
>
> Chris
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
The problem is with the mysql_real_escape_string closing parenthesis
position, instead of
($_GET['id']."'");
it should be
($_GET['id'])."'";
Yup, my fault, I put it inside the closing paren to
mysql_real_escape_string. it should be outside.
