Posted 16 May 2006 - 11:05 PM
[!--quoteo(post=374467:date=May 16 2006, 05:59 PM:name=Barand)--][div class=\'quotetop\']QUOTE(Barand @ May 16 2006, 05:59 PM)
A string literal inside a query is assumed to be a column name unless it is in quotes.
$sql = "SELECT * FROM users WHERE users.username = '$visitor_name' ";
Ah, awesome, that cleared it right up. Thanks.
"Paranoia is very useful in this work. ...If your cryptographic system can survive the paranoia model, it has at least a fighting chance of surviving in the real world." - Niels Ferguson & Bruce Schneier
They say there's more then one way to skin a cat.
In programming, there's no wrong way to skin a cat, just more efficent ways of doing so.