On Saturday 15 December 2007 18:59:12 Richard Lynch wrote:
> On Fri, December 14, 2007 11:03 am, Adam Williams wrote:
> > $query = sprintf("SELECT * FROM users WHERE user='%s' AND
> > password='%s'",
> > mysql_real_escape_string($user),
> > mysql_real_escape_string($password));
> >
> > and I understand it uses the %s because of sprintf(), to indicate the
> > data is a string. However, thats not syntax I'm used to seeing. If I
> > rewrite the code to the following below, will it return the same
> > results
> > or error when queried?
> >
> > $user = mysql_real_escape_string($user);
> > $password = mysql_real_escape_string($password)
> > $query = "SELECT * FROM users WHERE user='$user' AND
> > password='$password'";
>
> Yes, you will get the same result.
>
> You could have run both sets of code to try it faster than I typed
> this answer.
lol, love those comment, but I'm horrible myself, to ask these kind of
questions =D
>
> :-)
>
> --
> Some people have a "gift" link here.
> Know what I want?
> I want you to buy a CD from some indie artist.
> http://cdbaby.com/from/lynch
> Yeah, I get a buck. So?
--
---
Børge Holen
http://www.arivene.net
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
