shadiadiph Posted December 23, 2008 Share Posted December 23, 2008 i am getting a strange result from $_get probably simple. in the url it says /user/viewad.php?adid='39' but when i use $adid = $_GET["adid"]; $sql = "select * from tblproddetails where intProductID=$adid"; it produces an error and the error i get says SQL: select * from tblproddetails where intProductID=\'39\' where are the \'39\' slashes coming from clearly says '39' in the url is there any easy fix for this? Link to comment https://forums.phpfreaks.com/topic/138087-strange-_get-result/ Share on other sites More sharing options...
ratcateme Posted December 23, 2008 Share Posted December 23, 2008 what are the '' in the url for it should be /user/viewad.php?adid=39 also you should use $adid = mysql_real_escape_string($_GET["adid"]); it is a lot safer Link to comment https://forums.phpfreaks.com/topic/138087-strange-_get-result/#findComment-721814 Share on other sites More sharing options...
MadTechie Posted December 23, 2008 Share Posted December 23, 2008 You probably have magic quotes ON, turn them off in the php.ini file or use stripslashes() ie $adid = stripslashes($_GET["adid"]); $sql = "select * from tblproddetails where intProductID=$adid"; EDIT: infact if its an INT use this $adid = (int)$_GET["adid"]; $sql = "select * from tblproddetails where intProductID=$adid"; but for strings your need to stripslashes even before using mysql_real_escape_string Link to comment https://forums.phpfreaks.com/topic/138087-strange-_get-result/#findComment-721815 Share on other sites More sharing options...
shadiadiph Posted December 23, 2008 Author Share Posted December 23, 2008 solved it thanks had some extra '' on the php?adid='$adid' time for me to get some sleep too tired thanks again guys Link to comment https://forums.phpfreaks.com/topic/138087-strange-_get-result/#findComment-721818 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.