I want to get a list of films, and then get each review on them, and then to get a bit more information on that review. If there are no reviews, however, I still want the film to appear - which at the moment they are not.
SELECT f.film_id,
r.review_id,
o.other_id
FROM `film` f
LEFT JOIN `review` r
ON r.film_id = f.film_id
LEFT JOIN `other_information` o
ON o.review_id = r.review_id
WHERE r.film_id = " . (int)$_GET['film_id] . "
ORDER BY f.title
(int) escapes it more the mysql_real_escape_string which parses it as a string and escapes reserved tokens, (int) ensures only an integer is allowed which would rule out everything mysql_real_escape_string would have escaped, plus character data which is probably invalid for that column type anyways. Int will also remove any erroneous whitespace, always use the most restrictive column types and validation when in doubt
jshpro2, I'm not too sure what you are trying to say. Using (int) would be perfectly acceptable in this situation (not to mention faster due to it being a language construct), and in my opinion preferable since we only want to allow integers, not strings - since the database column is also of type integer.
onion2k wrote:You're not selecting the film. You're selecting the review.
That's why I hate when one uses "table as t" ... It's like using a single character for naming vars in PHP code
I really can't understand why one should make it short - both bad readability and hard for future maintenance.
I use this form of writing (I use descriptive name for the alias) only when I need a real alias for a table that has been already selected from.
I think one should avoid using "short names" for tables especially when asking for help.