Like this?Paul wrote:There need to be single quotes around the $$invitee variable.
Code: Select all
WHERE username = '$invitee'";
Please explain what you mean by that. Sanitize?Paul wrote:Also, you need to santinize that var to prevent SQl i njection.