Jump to content


mysql_query hack

  • Please log in to reply
3 replies to this topic

#1 Caps

  • New Members
  • Pip
  • Newbie
  • 1 posts

Posted 04 October 2006 - 04:13 PM

Is it allowed to have more than one SQL statements (SELECT and DELETE) in one mysql_query() method? Or must you have two mysql_query methods to it?

If the user posts something you want to set into your database, will they could finished the insert statement and execute a drop and delete statement in the same mysql_query method?

site.php?id = ....
$id = "'; DELETE FROM users WHERE id = 1" //user changed variable
mysql_query("SELECT navn FROM users WHERE id = '$id'")

The above code does not work, but I hope you got the idea of it. Is it possible in any way?

#2 roopurt18

  • Staff Alumni
  • Advanced Member
  • 3,749 posts
  • LocationCalifornia, southern

Posted 04 October 2006 - 06:17 PM

One query at a time.
PHP Forms : Part I | Part II

JavaScript: Singleton


#3 trq

  • Staff Alumni
  • Advanced Member
  • 31,041 posts

Posted 04 October 2006 - 06:19 PM

I believe mysql5 may handle multiple queries seperated by colons. Not 100% sure though.. havent used mysql in a long time.

#4 JaGeK

  • Members
  • PipPip
  • Member
  • 20 posts
  • LocationNRW, Germany

Posted 04 October 2006 - 06:26 PM

I believe mysql5 may handle multiple queries seperated by colons.

As far as I know, there is no difference how mysql_query() behaves depending on the MySQL version. One query is allowed, not more.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users