It works now! I must have missed the spaces on either side of $rid when I tried before. I never would've tried that on my own. What exactly is happening there, does the space act as a concatenation operator? Thanks so much!
IN operator
IN operator
Yes, all the pieces passed to a SQL statement are concatenated together literally (hence the SQL injection possibility). A variable reference inside a string is treated as a parameter place-holder, and the data sent as a single piece of data into the SQL, avoiding the need for escapement.
John Turnbull
Thunderstone Software
Thunderstone Software