Posted: Mon Jun 18, 2007 3:29 pm
Yes just tested it and it works like a dream. Before I leave this as resolved, do I need to/how would I add mysql_real_escape_string to any of my code?
A community of PHP developers offering assistance, advice, discussion, and friendship.
http://forums.devnetwork.net/
Code: Select all
<?php
$var = mysql_real_escape_string($var);
$sql = "INSERT INTO table (field) VALUES ('$var')";
?>Code: Select all
if(!empty($dvdgenre)) {
mysql_real_escape_string($releasedate);
mysql_real_escape_string($dvdgenre);
$query = "SELECT dvd_titles.dvd_id
, dvd_title
, ROUND((coalesce(sum(totalfilm),0)
+coalesce(sum(empire),0)
+coalesce(sum(radiotimes),0)
+coalesce(sum(independent),0)
+coalesce(sum(mirror),0)
+coalesce(sum(guardian),0)
) /
coalesce( count(totalfilm)
+count(empire)
+count(radiotimes)
+count(independent)
+count(mirror)
+count(guardian)
),1) as rounded_rating
, prodn_year
, date_format(dvd_rlsdate,'%d %b %y') as rlsdate
, dvd_genre
, totalfilm
, empire
, radiotimes
, independent
, mirror
, guardian
, form_value
FROM dvd_titles
, dvd_genres
, critics_ratings
, rls_quarters
, show_all
WHERE dvd_genres.dvd_id=dvd_titles.dvd_id
AND dvd_titles.dvd_id=critics_ratings.dvd_id
AND dvd_titles.dvd_id=rls_quarters.dvd_id
AND dvd_titles.dvd_id=show_all.dvd_id
AND (rls_quarter='$releasedate' OR form_value='$releasedate')
AND (dvd_genre='$dvdgenre' OR form_value='$dvdgenre')
GROUP BY dvd_titles.dvd_id
ORDER BY dvd_title";
}