How to prevent SQL INJECTION ?

PHPLOVER07

Hi,

Thanks

cgraz

please do a basic search before posting questions. Type in "SQL injection" as a keyword to search this board and you'll find hundreds of good responses.

Piranha

And please read the article on phpbuilder about sql injection / database injection.

PHPLOVER07

I searched and didn't find,

This code is safety ? :

<?php
// Connect to mysql server
include('mysql.php');

// Query
$nameid = $_GET['id']l;
$showname = mysql_query("SELECT * FROM main WHERE id='$id'") or die (mysql_error());
$row = mysql_fetch_array($showname);
echo $row[name]."<br>";
?>

Piranha

Strange, there must have been something wrong with the server at the exact moment when you searched. When I went to this page and searched for "injection" there was hits. I suggest that you try again to see if the server error have been solved.