Remember to set variables before they are used, unless you *enjoy* SQL injection...

Remember to set variables before they are used, unless you *enjoy* SQL injection via register_globals vulnerability.