[thelist] Rusty PHP questions...

John Handelaar john at userfrenzy.com
Mon Oct 15 10:15:24 CDT 2007


On 15/10/2007, Tom Dell'Aringa <pixelmech at gmail.com> wrote:
> $query = sprintf("SELECT name, date, city, distance, start, state, score,
> course_type, price, size, chip, food, beer, url, frequency, sponsors,
> description FROM event_list WHERE id = $raceId");


> 3. Lastly, just checking that I am setting my variable correctly. They are
> appending an id onto the get string for each link, so I set it at the top of
> the page like so, so I can test for it at the section when I need it:
>
> $raceId = $_GET['id'];
>
> Thanks in advance for any tips,

One tip:

a)  Take a backup (seriously, *TAKE A BACKUP* before moving to b)
b)  Try appending this to the page URI:

    ?id=0;DELETE FROM event_list;


c)  Plug the huge hole you just described.


jh



More information about the thelist mailing list