Jump to content

Getting data by its ID


divinedesigns1

Recommended Posts

Oh my word. Sorry.

 

Turns out I had changed the <a> tag in the resultsClients.php to <a href="viewclient.php?clientid='.$row['clientid'].'">, but never refreshed the viewclient.php page I was on.

 

Ha, well, it works now!

Link to comment
Share on other sites

Okay, what parts? How do I fix it? I'm new to both PHP and SQL (if you couldn't tell already ;)).

 

This is only on a local machine, won't be uploaded to the internet at all. But I do agree, if there are potential threats, they should be avoided.

Link to comment
Share on other sites

SQL injection happens when you're using user suppled data in a query, and someone writes SQL code into that data. Someone could write SQL code into the clientid variable, and you would add that to your query and execute it. One way to avoid it is to use prepared statements, where your query has placeholders for the values and then you send the values later.http://www.php.net/manual/en/mysqli.quickstart.prepared-statements.php

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...