I've got a URL path during my SQL query, that is retrieved from the URL variable, like so:


This works fine and has the capacity to query the database and obtain the needed output.

However, after i introduce a us dot, like so:


It does not work, despite the fact that it is incorporated in the database in much the same way.

Are you able to assist me to with this particular? Should i scribe the us dot in some way?

Thanks greatly,


Update: As asked for, the code:

$slug = $_GET['slug'];
$result = mysql_query("SELECT * FROM pages WHERE slug='$slug'") or die(mysql_error());

No response to your question, but:

Do not use anything obtained from request parameters straight to construct an SQL statement. You open you to ultimately SQL Injection attack this way. Make use of a prepared statement, or at best escape special figures inside your string with mysql_real_escape_string.