Is this a syntax error?

[kwilameiya]

Hi

 

I have used the code below with success. However, it has been some time since I did any coding and now this piece of code does not work.  Not sure if I have missed a syntax error or php standards have changed.

 

The error seems to be with the field $page_name? If I substitute the call

$sql = "SELECT * FROM pages WHERE page_href = '$page_name' order by page_id"; with an actual page name then I get the result I want.

 

Many thanks for the help

 

 

<?

include ('config.php');

$sql = "SELECT * FROM pages WHERE page_href = '$page_name' order by page_id";

$class = mysql_query($sql, $conn);

while($row = mysql_fetch_object($class))

{

$page_id=$row->page_id;

$page_name=$row->page_name;

$page_type=$row->page_type;

$page_image=$row->page_image;

$page_details=$row->page_details;

$page_image2=$row->page_image2;

$page_details2=$row->page_details2;

$page_href=$row->page_href;

$temptype=$row->temptype;

 

$sql8 = "SELECT * FROM templates where tmp_code='$temptype'";

$class8 = mysql_query($sql8, $conn);

list($tmplt_id,$template,$tmp_code)=mysql_fetch_row($class8);

 

include ("$template");

 

 

}

 

?>

[Mchl]

This code relies on setting called  register globals which is disabled by default in new distributions of PHP (and for good reasons). Depending on whether page_name is supposed to come through POST or GET you should use $_POST['page_name'] or $_GET['page_name'].

And don't forget to mysql_real_escape_string it first!