Differences of SQL statement

Posted: Tue Jan 14, 2003 7:55 am
by Pakcik_Kantin
I found that phpMyAdmin uses
select '*' from 'mytable' where
instead of using select * from without quotes. Is there a difference?

Sometimes I can block my SQL script by using this.

Normal
$query='something';
// double-quoted string so that $query is interpolated into the statement
$sql="select * from mytable where field1=$query";

After customize
$query='drop database';
$sql='select * from mytable where field1='.'drop database';

Is there any way to check for a valid query or SQL statement? I heard they use addslashes.
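
An added example, not part of the original post: one way to handle the closing question is to keep the SQL text fixed and pass the value as a bound parameter through PDO, rather than checking or escaping the concatenated string. The in-memory SQLite database (requires the pdo_sqlite extension), the `id` column and the function names `findByField1` and `findByColumn` are assumptions made for illustration; the second function covers column names, which cannot be bound.

```php
<?php
// Constructed in-memory SQLite table standing in for the post's "mytable".
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE mytable (id INTEGER PRIMARY KEY, field1 TEXT)');
$pdo->exec("INSERT INTO mytable (field1) VALUES ('something'), ('other')");

/**
 * Look up rows by field1 (hypothetical helper). The SQL text is fixed;
 * $query travels separately as a bound parameter, so it is only ever
 * compared as data and cannot change the statement's structure.
 */
function findByField1(PDO $pdo, string $query): array
{
    $stmt = $pdo->prepare('SELECT id, field1 FROM mytable WHERE field1 = :q');
    $stmt->execute([':q' => $query]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

/**
 * Identifiers (table and column names) cannot be bound as parameters, so a
 * caller-chosen column is checked against a fixed allow-list before use.
 */
function findByColumn(PDO $pdo, string $column, string $value): array
{
    $allowed = ['id', 'field1'];
    if (!in_array($column, $allowed, true)) {
        throw new InvalidArgumentException("column not allowed: $column");
    }
    $stmt = $pdo->prepare("SELECT id, field1 FROM mytable WHERE $column = :v");
    $stmt->execute([':v' => $value]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: the two values from the post, plus one containing a quote.
foreach (['something', 'drop database', "O'Reilly"] as $input) {
    $rows = findByField1($pdo, $input);
    printf("%-14s -> %d row(s)\n", $input, count($rows));
}

// A column name outside the allow-list is refused before any SQL is built.
try {
    findByColumn($pdo, 'drop database', 'something');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```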