Kaitosoto

No, I want to check to see that the value that was found with the SELECT in the first query was greater than 0. If so, then execute the second query.

This should be simple. After using PHP to connect to a MySQL database, how do I make an IF statement with a query? like, I know that when you do something like $sql = "UPDATE fdatabase SET blah blah blah"; $query = mysql_query($sql,$connect); It connects to the thing. How do I make it so that it is conditional like this: if(-MYSQL QUERY THAT SELECTS A VALUE FROM one of THE fdatabase tables- = 0) { $sql = "UPDATE fdatabase SET blah blah blah"; $query = mysql_query($sql,$connect); } else { -do nothing }

So I have my script that takes a lot of variables like: http://www.mysite.com/script.php?id=6&pin=7654&desk=thisbigone I currently get variables with $_GET in the script, which I feel is very vulnerable to abuse as users can type all that out in the address bar and change the id and pin to their advantage. My question is, how do I make it so that users cannot type all that out and execute the script in the browser address bar and forcing them to have to click on a link that is on my sites index.php in order to execute that line of code?

If mod_rewrite cannot do this, then can you tell me what I can do to hide something like: http://www.mysite.com/index.php?identity=8&linkstart=http://www.mysite.com/stuff/&linkend=03928423/thisimage39.jpg to http://www.mysite.com/index.php The point of it is, to not allow users to know what identity=8 part as the variable for identity would be generated randomly by the script itself on index.php, which stores it using GET into a variable $identifynum. The point of it is, I do not want users to be abusing the script by typing in randomly identity=9, identity=10, etc in the browser to execute it with their number. by their own leisure to execute the script. I figured by using mod_rewrite, I would be able to hide the variables as I believe it is possible to hide them by rewriting the actual identity=8 to something like id=8 so that users would not be able to see any of the args in the browser line as they would only see the index.php, while still enabling me to use the $_GET from the url that it is being redirected to.

I found this, but I dont get how multiple queries work. Do all queries have to be stored in variables? If so, then how in the world do I execute an update query or replace? Can someone please tell me and if possible, show me an example? [code]<?php function connectDb($user, $pass, $host, $db) {     //this function connects to a mysql server     $sock = mysql_connect($host, $user, $pass);       //this function connects to a mysql database, once a server has been reached.     if(isset($sock)) {         if(!mysql_select_db($db, $sock)) {             echo mysql_error();         }     }     return $sock; } //simple use of the function $socket = connectDb('bilbo','b@gg1ns','localhost','test'); //create an sql query $sql = "SELECT *  FROM sample"; //perform the query and return a resource identifier to $query $query = mysql_query($sql, $socket); //show all the data via a while loop while($data = mysql_fetch_assoc($query)) {     //using foreach, list all the data that was returned in the $data array from mysql_fetch_assoc     foreach($data as $key => $value) {         echo $key.' = '.$value.'<br />';     }     echo '<br />'; } ?> [/code]