At 1/30/2007 02:14 PM, nitrox . wrote:
If its not too much would you (or anybody) give a brief explanation
of what this code is doing? Or are there any tutorials online that I
can read that will educate me on this? Thanks again to all for your
replies. Ive saved them all for future reference.
atleast this part: $user_id = mysql_real_escape_string((int)
$_GET['user_id']);
The querystring parameter user_id is interpreted as an integer and
then escaped as needed to be safe in a querystring:
"mysql_real_escape_string -- Escapes special characters in a string
for use in a SQL statement"
http://php.net/mysql_real_escape_string
(int) casts the subsequent value as an integer. "Type casting in PHP
works much as it does in C: the name of the desired type is written
in parentheses before the variable which is to be cast."
http://php.net/manual/en/language.types.type-juggling.php#language.types.typecasting
see also:
Converting to integer
http://php.net/manual/en/language.types.integer.php#language.types.integer.casting
HTTP GET variables: $_GET. "An associative array of variables passed
to the current script via the HTTP GET method."
http://php.net/manual/en/reserved.variables.php#reserved.variables.get
I recommend that you make the online PHP manual your resource of
first resort. It's got a built-in search engine: just enter
php.net/searchterm into your browser address bar.
Regards,
Paul
__________________________
Juniper Webcraft Ltd.
http://juniperwebcraft.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
