-3

This is my code

$qry = $conn-> query("SELECT * FROM vacancy where id=".$_GET['id'])->fetch_array()
foreach($art as $k =>$v)
$$k = $v;php
RiggsFolly
  • 89,708
  • 20
  • 100
  • 143
Akamba Edet Apkaeti
  • 1
  • 1
  • 1
    **Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/32391315) – Dharman May 11 '22 at 11:47
  • The error suggests that `id` is not a valid key in `$_GET`. You'll need to debug to find out why you expect it to be and why it isn't. As an aside, this code is *wide open* to **SQL injection**. You should get in the habit of using prepared statements with query parameters instead of directly injecting user-modifiable values into your SQL code, otherwise you're just inviting lots of future problems. – David May 11 '22 at 11:48

0 Answers0