Re: [PHP] a weired query issue

Daniel Brown Thu, 08 Jan 2009 06:18:25 -0800

On Thu, Jan 8, 2009 at 09:10, tedd <tedd.sperl...@gmail.com> wrote:
>
> $sql = "SELECT id FROM modules_permissions WHERE id = '$permissionId' ";


    I was going to ask something about sanity, but then I remembered
with whom it is I'm speaking.  ;-P

    That aside, don't forget your pre-database-interaction sanity.
Even an explicitly internally-defined variable can have issues, so
unless you're 100% certain that it will be safe, it's better to <?php
mysql_real_escape_string($permissionId); ?>, et al.

-- 
</Daniel P. Brown>
daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Unadvertised dedicated server deals, too low to print - email me to find out!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] a weired query issue

Reply via email to