There is an equals sign in the $filename of file_get_contents in my PHP file and it is getting converted to '%3'. How do I deal with this?

I have a php file that takes an image from a website and stores it in my database. The name of the file contains an equals symbol. The file I end up storing is the image I get when I change the equals sign into '%3' in the URL. How can I make it pick up the file that is in the location whose URL maintains the '='开发者_开发百科?

$idNum=$_GET['idNum'];
$testpage = file_get_contents('http://www.something.com/php/thePic.php?id=$idNum');
$testpage = mysql_real_escape_string($testpage);  
mysql_query("UPDATE tblSomething SET Pic = '$testpage' WHERE id='$idNum'");

Thanks, R

The filename is coming out in a "urlencoded" form.. You need to use the urldecode() function to get back the = sign.

urldecode($string);

See more here - http://php.net/manual/en/function.urldecode.php

So before your SQL query, add this line- urldecode($field);

And yes.. You are vulnerable to SQL injection attacks.. With these attacks, your WHERE clause can be easily bypassed. Just make sure you dont do any sensitive processing with this kind of a query.