Ramon-15 wrote:
>
> Hi all,
>
> I've written a php script, called test.php, consisting of the following
> statements:
>
> <?php
> error_reporting(E_ALL);
> $query = $_GET['sql'];
> echo $query;
> ?>
> Using the script with 'small' values for the parameter sql works fine.
> Although, using the script with the sql query as specified below
>
> http://localhost/test.php?sql="SELECT orders_id, customers_id,
> customers_name, customers_company, customers_street_address,
> ---8<---
> last_modified >= 18991230 ) and orders_status in (1,2,3) and%2ÃnÃ
>
> I do not understand why the value of the sql parameter is truncated. Any
> help is appreciated!!
>
> Thanks in advance!
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
i assume you are running into the max size limit(1024?) for $_GET, use _POST
instead,
furthermore you should apply some security measures!
--
View this message in context:
http://www.nabble.com/_GET%28%27name%27%29--truncates-tf3176524.html#a8814114
Sent from the PHP - General mailing list archive at Nabble.com.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php