Home/ Questions/Q 7967113
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-04T06:36:44+00:00

I need some help with this! I´m passing multiple variables through URL and on

  • 0

I need some help with this!
I´m passing multiple variables through URL and on the landing page I have this in my code:

str = "
    SELECT
    *
    FROM wp_usermail
    WHERE ID= ".@$_GET['ID']"& Till=".@$_GET['Till'];

I want to be more accurate to select the right information from the database so both ID and Till needs to be correct otherwise you cant see the content on the page.

Right now I get parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Replace it with this:

    $str = "
SELECT
*
FROM wp_usermail 
WHERE ID = '" . mysql_real_escape_string ($_GET ['ID']) . "' AND Till = '" . mysql_real_escape_string ($_GET ['Till']) . "'";

    You were missing the $ in the variables’ name, multiple .s, correct quotes around your variables and you didn’t escape the input, which you should always do for security.

    One more thing: you should stop using the mysql_* functions and start using either mysqli or PDO, since mysql_* are now deprecated.

    • 0