escape_string(trim($_POST['tableName'])); $table_fields = $dbs->escape_string(trim($_POST['tableFields'])); if (isset($_POST['id']) AND !empty($_POST['id'])) { $id = $dbs->escape_string(trim($_POST['id'])); } else { die('' . __('No ID Supplied!') . ''); } // sql string $sql_string = "SELECT $table_fields FROM $table_name WHERE $table_fields='$id' LIMIT 1"; // send query to database $query = $dbs->query($sql_string); $error = $dbs->error; if ($error) { die('SQL ERROR : '.$error); } if ($query->num_rows > 0) { echo '' . __('ID Already exists! Please use another ID') . ''; } else { // output the SQL string echo '' . __('ID Available') . ''; }