mysql query with single quotes?

[LooieENG]

For example, how would I do this with single quotes?

 

mysql_query("SELECT something FROM somewhere WHERE something = '$something'");

 

Also, where can I find a good, easy to understand tutorial for JOIN?

 

Thanks

[Jabop]

mysql_query("SELECT something FROM somewhere WHERE something = '".$something."'");

[LooieENG]

So I still need double quotes?

[adam84]

You can use single quotes. But if you have text, it would be a good idea to use the double quotes, so you can use a php escape method to prevent any harmful data being inserted into your database or doing some harmful stuff to your databse

[DarkWater]

How about we ask the simple question of why? >_>  And there's a pretty good joins tutorial on the main PHPFreaks page by Daniel.

[LooieENG]

^^ I was just wondering.

 

Another question, would this work, and if not, where do I put the quote marks on the md5 bit?

 

mysql_query("INSERT INTO users ('username', 'password') VALUES ('$_POST[username]', md5('password')");

[DarkWater]

^^ I was just wondering.

 

Another question, would this work, and if not, where do I put the quote marks on the md5 bit?

 

mysql_query("INSERT INTO users ('username', 'password') VALUES ('$_POST[username]', md5('password')");

 

I'd personally try something like:

$query = sprintf("INSERT INTO users(username, password) VALUES ('%1$s', '%2$s')", $_POST['username'], md5($password));

[akitchin]

you can also use MySQL's native MD5 hasher:

 

mysql_query("INSERT INTO users ('username', 'password') VALUES ('{$_POST['username']}', MD5('{$_POST['password']}'))");

[DarkWater]

Indeed you could.

[revraz]

Do you know the purpose of single and double quotes?

 

You first post was correct and shouldn't need to be changed.

 

So I still need double quotes?