Why my query is not working?

Posted by Poma on Stack Overflow See other posts from Stack Overflow or by Poma
Published on 2011-01-09T00:34:56Z Indexed on 2011/01/09 0:54 UTC
Read the original article Hit count: 137

Filed under:
|
|

my website has PHP command:

mysql_query("SELECT * FROM users WHERE id=" . $_GET["id"]) or die(mysql_error());

When I enter URL

http://example.com/index.php?id=1;%20UPDATE%20users%20SET%20password=123%20WHERE%20id=1

I get following error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'UPDATE users SET password=abc WHERE id=1' at line 1

But in phpmyamin query executes successfully. What's wrong here? Why it doesn't execute in browser?

© Stack Overflow or respective owner

Related posts about php

Related posts about mysql