On 27 Apr 2012 at 16:56, Chris Stinemetz <chrisstinemetz@xxxxxxxxx> wrote: > On Thu, Apr 26, 2012 at 12:58 PM, Stuart Dallas <stuart@xxxxxxxx> wrote: >> On 26 Apr 2012, at 18:37, Jim Giner wrote: >> >>> I"m no expert, but why would you expose a query to the world thru the use of >>> a GET? Why not just collect the params and build the string in your code? >>> That is how people hack into your database - via a re-formed query. You're >>> giving someone an open invitation. >> >> A "query string" has nothing to do with databases. > I still haven't been able to find a solution. Is there anyone out > there that knows how to keep the query string intact? As was posted previously, you need to encode the query string. If you have: http://westeng/forum/store.php?id=Wiser Communication, LLC -& - Sprague Ave that is going to be split in two unless you encode the "Wiser Communication, LLC -& - Sprague Ave" portion. I would do that with JavaScript on the html page. This is not a PHP question. -- Cheers -- Tim
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
