Page 1 of 1

Quick Syntax Question

Posted: Thu Sep 02, 2010 11:05 pm
by neesley
What's the issue with this?

Code: Select all

$emp = mysql_query("SELECT personID FROM employees WHERE last_name = '$_POST[update]'");
 
$upd = "UPDATE schedule SET $_POST[type] = $emp WHERE ID ='$_POST[ID]'";
Thanks!

Re: Quick Syntax Question

Posted: Fri Sep 03, 2010 3:32 am
by requinix
Don't forget the obvious SQL injection problem.

mysql_real_escape_string