Help a noob with $_GET[id]

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

miro_igov
Forum Contributor
Posts: 485
Joined: Fri Mar 31, 2006 5:06 am
Location: Bulgaria

Post by miro_igov »

There is no need of single quotes if the id does not contain any special characters like space, quotes, \r, \n etc.

it is legal to use

Code: Select all

$query = "SELECT * FROM `news_posts` WHERE newstype=test";
User avatar
Zoxive
Forum Regular
Posts: 974
Joined: Fri Apr 01, 2005 4:37 pm
Location: Bay City, Michigan

Post by Zoxive »

Code: Select all

mysql>SELECT * FROM `news_posts` WHERE newstype=test;
ERROR 1054 (42S22): Unknown column 'test' in 'where clause'
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

miro_igov wrote:it is legal to use

Code: Select all

$query = "SELECT * FROM `news_posts` WHERE newstype=test";
No it isn't.
user___
Forum Contributor
Posts: 297
Joined: Tue Dec 05, 2006 3:05 pm

Reply

Post by user___ »

miro_igov wrote:
it is legal to use
php:

$query = "SELECT * FROM `news_posts` WHERE newstype=test";


No it isn't.
NOTE:Even if you have only an id column whose type is integer(long, etc.) and although it is legal(syntactically only) it is a very bad practice.
miro_igov
Forum Contributor
Posts: 485
Joined: Fri Mar 31, 2006 5:06 am
Location: Bulgaria

Post by miro_igov »

Hmm yes, it is illegal, sorry.
Post Reply