php_guest Posted June 23, 2010 Share Posted June 23, 2010 What are the correct ways to make mysql queries? a) 1. mysql_query("UPDATE inbox SET `city` = '1'... 2. mysql_query("UPDATE inbox SET `city` = 1... 3. mysql_query("UPDATE inbox SET `city` = $_POST[city]... 4. $city=$_POST[city]; mysql_query("UPDATE inbox SET `city` = $city 5. mysql_query("UPDATE inbox SET `city` = ".$_POST[city]."... and b) the same examples but if data is varchar and not numeric. I hope there is any body who can take a look to those queries. I would really like to finall clerify what is correct way. Thank you! Quote Link to comment https://forums.phpfreaks.com/topic/205675-the-correct-syntax-for-mysql-queries-with-php/ Share on other sites More sharing options...
fenway Posted June 24, 2010 Share Posted June 24, 2010 1 & 2 have to do with sql injection -- it's a good idea to quote literals regardless. 3/4/5 are php variable iterpolation issues. Quote Link to comment https://forums.phpfreaks.com/topic/205675-the-correct-syntax-for-mysql-queries-with-php/#findComment-1076392 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.