Battleship40 - 4:28 pm on Jul 14, 2011 (gmt 0)

Thanks LifeinAsia,

for the categories.php file, is this all I need to do in order to be protected:



// Connect
$link = mysql_connect('', '', '')
OR die(mysql_error());

// Query
$query = sprintf("SELECT * FROM findplantsdb WHERE Name='" . $_GET['pullname'] . "'";
$result= mysql_real_escape_string($query),
$num_results= mysql_real_escape_string($result));


and is this the only file I need to protect?

Thank you for your help. Oh, and it is pulling data - the problem is that it is pulling ALL plant data, not just the checked item.