Jump to content

Archived

This topic is now archived and is closed to further replies.

Caps

mysql_query hack

Recommended Posts

Is it allowed to have more than one SQL statements (SELECT and DELETE) in one mysql_query() method? Or must you have two mysql_query methods to it?

If the user posts something you want to set into your database, will they could finished the insert statement and execute a drop and delete statement in the same mysql_query method?

Like:
site.php?id = ....
$id = "'; DELETE FROM users WHERE id = 1" //user changed variable
mysql_query("SELECT navn FROM users WHERE id = '$id'")

The above code does not work, but I hope you got the idea of it. Is it possible in any way?

Share this post


Link to post
Share on other sites
I believe mysql5 may handle multiple queries seperated by colons. Not 100% sure though.. havent used mysql in a long time.

Share this post


Link to post
Share on other sites
[quote author=thorpe link=topic=110490.msg446801#msg446801 date=1159985951]
I believe mysql5 may handle multiple queries seperated by colons.[/quote]
As far as I know, there is no difference how mysql_query() behaves depending on the MySQL version. One query is allowed, not more.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.