Re: how to handle inserting special characters into a mysql field

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Saturday 15 December 2007 18:59:12 Richard Lynch wrote:
> On Fri, December 14, 2007 11:03 am, Adam Williams wrote:
> > $query = sprintf("SELECT * FROM users WHERE user='%s' AND
> > password='%s'",
> >             mysql_real_escape_string($user),
> >             mysql_real_escape_string($password));
> >
> > and I understand it uses the %s because of sprintf(), to indicate the
> > data is a string.  However, thats not syntax I'm used to seeing.  If I
> > rewrite the code to the following below, will it return the same
> > results
> > or error when queried?
> >
> > $user = mysql_real_escape_string($user);
> > $password = mysql_real_escape_string($password)
> > $query = "SELECT * FROM users WHERE user='$user' AND
> > password='$password'";
>
> Yes, you will get the same result.
>
> You could have run both sets of code to try it faster than I typed
> this answer.

lol, love those comment, but I'm horrible myself, to ask these kind of 
questions =D

>
> :-)
>
> --
> Some people have a "gift" link here.
> Know what I want?
> I want you to buy a CD from some indie artist.
> http://cdbaby.com/from/lynch
> Yeah, I get a buck. So?



-- 
---
Børge Holen
http://www.arivene.net

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux