On 9 August 2011 16:31, Tim Streater <tim@xxxxxxxxxxxxxxxx> wrote:
> On 09 Aug 2011 at 13:30, Chris Stinemetz <chrisstinemetz@xxxxxxxxx> wrote:
>
>> Not sure if I am doing it right. It looks like the last single quote
>> is being escaped.
>>
>> When I dump the query I get:
>>
>> SELECT store_id, store_subject FROM stores WHERE store_subject =
>> 'Bella Roe 4980 Roe Blvd\'
>>
>>
>> I am thinking maybe I have too many single quotes some where, but I
>> can't find it.
>>
>> echo '<h4><a href="store.php?id=' . $storerow['store_subject'] . '">'
>> .. $storerow['store_subject'] . '</a></h4> at ' . date('m-d-Y',
>> strtotime($storerow['store_date']));
>>
>>
>> The query:
>>
>> $sql = "SELECT store_id, store_subject
>> FROM stores
>> WHERE store_subject = '" . mysql_real_escape_string($_GET['id']."'");
>
> Why don't you:
>
> 1) Make this a single line instead of splitting it over three. No need to do that.
>
> 2) Having created $sql, echo it out. That way you could see whether it's correct or not.
>
> Doing (1) and (2) will make it a damn sight easier to see what you are *actually* creating.
>
> --
> Cheers -- Tim
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
A single line of SQL is what things start out as. But it is a language
just like any other and as such, indenting has proven advantages.
--
Richard Quadling
Twitter : EE : Zend : PHPDoc
@RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY : bit.ly/lFnVea
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
