Page 2 of 2

Posted: Mon Oct 23, 2006 10:14 am
by reecec
sorted thanks to all that helped me

Posted: Mon Oct 23, 2006 10:25 am
by volka
The sql statement is prone to sql injections, see http://en.wikipedia.org/wiki/SQL_injection
better use

Code: Select all

$ids = join(',', array_map('intval', $_POST['checkbox']));
$query = "DELETE
		FROM
			`$tbl_name`
		WHERE
			`id` IN($ids)";
$result = mysql_query($query) or die(mysql_error($link). ': '.$query);