question on mysq1 real escape string

[Shadowing]

on the first column do I need to escape that? "pm_id"

if so how do i do that with the right syntax

is it like this?

pm_id = '.mysql_real_escape_string.'

 

 

<?php $mail2 = "INSERT INTO pm SET pm_id = '', sendto = '".mysql_real_escape_string($to)."', sentfrom = '".mysql_real_escape_string($from)."' ?>

 

Also when you create a new row with a id  having auto increment. do i have to do id ="" so there isnt ever two rows matching the same id?

[trq]

Your not inserting any data so there is nothing to escape. And no, just update the columns you wish to update.

[Shadowing]

alright so only escape when im taking information from a user form and updating or inserting right?

 

any idea about the id duplicating question? really curious about that

[trq]

As I said, you only need to update the fields you actually want to update. Trying to set an auto incrementing field to an empty string "" will only cause an error.

[Shadowing]

oh so mysql wont give another row the same id cause its just built not to do that?

[trq]

Sorry, i didn't notice your example was an INSERT query. Most people don't use that syntax for an insert.

 

Anyway, It's not called "auto increment" for nothing.

[Shadowing]

ok good then so i can leave it out and not have to worry about someone getting the same id

 

someone said i had to do that in a tutor i was doing like 3 weeks ago so i always wonder if it was true

 

thanks alot for the help thorpe

[trq]

someone said i had to do that in a tutor i was doing like 3 weeks ago so i always wonder if it was true

 

I would suggest you misunderstood the tutorial or it was poorly written. You cannot insert a string into an integer type field.