$_GET and mysql?
- Thread starter GarettM
- Start date
Feedback
Haboa Hotel
- Jun 11, 2012
- 80
- 14
I'm rusty with PHP, but there is better ways of fetching user information, like using OOP, and sessions.. But, your code wouldn't really work, as I don't understand why you would have to do it like that, something more simple, IMO, would be;
But, using sessions will only allow users to access a page, if that's what you want. (Session, else die.)
It really depends on how you want it coded.
PHP:
if($_GET['username'])
{
mysql_query('SELECT * FROM users WHERE examplename = '" . $_GET['username'] . "'');
} else {
die();
}But, using sessions will only allow users to access a page, if that's what you want. (Session, else die.)
It really depends on how you want it coded.
- Dec 18, 2010
- 2,637
- 2,389
PHP:
<?php
if (isset( $_GET['username'] ))
{
$user = mysql_real_escape_string( $_GET['username'] );
$checkQ = @mysql_query( "SELECT * FROM `users` WHERE `username` = '" . $user . "' LIMIT 1" );
if (mysql_num_rows( $checkQ ) == 0)
{
echo 'This user does not exist.';
}
else
{
$row = @mysql_fetch_array( $checkQ );
echo $row['email'] . '<br />';
echo $row['joindate'] . '<br />';
echo $row['rank'];
}
}
else
{
echo 'No username set.';
}
?>Should do it I think.
brsy
nah mang
- May 12, 2011
- 1,530
- 272
Why not make a secure function?
PHP:
function secure($str) {
mysql_real_escape_string(htmlentities($str));
}brsy
nah mang
- May 12, 2011
- 1,530
- 272
Are you aware of what does function actually does?
- Status
