Jump to content

the correct syntax for mysql queries with php


Recommended Posts

What are the correct ways to make mysql queries?



mysql_query("UPDATE inbox SET `city` = '1'...



mysql_query("UPDATE inbox SET `city` = 1...



mysql_query("UPDATE inbox SET `city` = $_POST[city]...




mysql_query("UPDATE inbox SET `city` = $city



mysql_query("UPDATE inbox SET `city` = ".$_POST[city]."...


and b) the same examples but if data is varchar and not numeric.


I hope there is any body who can take a look to those queries. I would really like to finall clerify what is correct way.


Thank you!

Link to post
Share on other sites

1 & 2 have to do with sql injection -- it's a good idea to quote literals regardless.


3/4/5 are php variable iterpolation issues.

Link to post
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.