06-26-2011, 06:05 PM
|
#2 (permalink)
|
|
The Contributor
Join Date: Nov 2007
Location: California
Posts: 82
Thanks: 0
|
your query needs to change:
Code:
if (!isset($_GET['title']) || !is_string($_GET['title'])) {
die("Missing title");
}
$title = (string)mysql_real_escape_string($_GET['title']);
$sql = "SELECT * FROM php_blog WHERE title='{$title}' LIMIT 1";
$result = mysql_query($sql) or print ("Can't select entry from table php_blog.<br />" . $sql . "<br />" . mysql_error());
while($row = mysql_fetch_array($result)) {
// continue on with the rest of your code...
|
|
|
|