Good afternoon.
I found this code in a program I'm renovating and think this is very redundant. Also, it does slow queries down while doing all of the conversions.
prod_id in the mysql database is declared an integer.
<SQL above> where prod_id = '" . (int)$prod_id . "' and <SQL below>
Question: since $prod_is is already an integer, why would someone convert it into an integer, then convert it into a string to later have mysql convert it back into an integer?? Could someone shed some light on the intent behind this weird code??
How do you KNOW that $prod_id is an integer? If register_globals is ON and it's coming from user input, then you don't.
The only part that's redundant is including the single quotes in the SQL statement for an integer.
where prod_id = " . (int)$prod_id . " and
would be more efficient.
-- ---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
