Jump to content

the correct syntax for mysql queries with php


php_guest

Recommended Posts

What are the correct ways to make mysql queries?

a)

1.

mysql_query("UPDATE inbox SET `city` = '1'...

 

2.

mysql_query("UPDATE inbox SET `city` = 1...

 

3.

mysql_query("UPDATE inbox SET `city` = $_POST[city]...

 

4.

$city=$_POST[city];

mysql_query("UPDATE inbox SET `city` = $city

 

5.

mysql_query("UPDATE inbox SET `city` = ".$_POST[city]."...

 

and b) the same examples but if data is varchar and not numeric.

 

I hope there is any body who can take a look to those queries. I would really like to finall clerify what is correct way.

 

Thank you!

Link to post
Share on other sites

1 & 2 have to do with sql injection -- it's a good idea to quote literals regardless.

 

3/4/5 are php variable iterpolation issues.

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.