<form action="process.php" method="post">
<input type="submit" name="p" value="<?php echo $row['tID'];?>"/>
</form>
I have the above button to send it's value to another page to renew the query results on it's own page with it's own value.
the query looks like this:
$p = $_POST['p'];
$safe_p = mysqli_real_escape_string($dcon, $p);
$sql1 = 'SELECT * FROM bla bla... WHERE tID = '.$safe_p.' ';
I was using $_GET and a href link before and it was working; but everybody says I should use more secure ways. So now I want to switch to POST.
Button shows it's value alright and all I did on the query page was changing the GET to POST so What's wrong with this query?
edit: I worked it out. The problem was not the query or the button. I just needed to set form action to the correct page. So it was me. instead of the query itself, I directed the form to the result page and it's working now.
