subject:"RE\: \[PHP\] revised query problem \(sorry\)"

RE: [PHP] revised query problem (sorry)

2003-10-28 Thread Pablo Gosse

Yours:

$query=SELECT payment 
FROM payment 
WHERE payment.dln='.$_POST[dln].' 
= users.dln='.$_POST[dln].' 
and payment.payment='.$_POST[payment].';

Mine:

$query=SELECT payment 
FROM payment 
WHERE payment.dln='.$_POST[dln].' 
AND 
users.dln='.$_POST[dln].' 
and payment.payment='.$_POST[payment].';

See the difference?

-Original Message-
From: Frank Tudor [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, October 28, 2003 9:09 AM
To: 1PHP
Subject: [PHP] revised query problem (sorry)

$query=SELECT payment 
FROM payment 
WHERE payment.dln='.$_POST[dln].' 
= users.dln='.$_POST[dln].' 
and payment.payment='.$_POST[payment].';

Will this work?

Frank

__
Do you Yahoo!?
Exclusive Video Premiere - Britney Spears
http://launch.yahoo.com/promos/britneyspears/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] revised query problem (sorry)

2003-10-28 Thread Jay Blanchard

[snip]
$query=SELECT payment 
FROM payment 
WHERE payment.dln='.$_POST[dln].' 
= users.dln='.$_POST[dln].' 
and payment.payment='.$_POST[payment].';

Will this work?
[/snip]

Aside from what Chris said (excellent advice!) the query above will not
work because the 4rth line 

= users.dln='.$_POST[dln].' 

has no conditional on it. In other words you cannot say

WHERE foo=foo=bar=bar

you need to say

where foo=foo
and bar=bar
and payment=paypment

Other than that this is bad for the reasons Chris stated.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] revised query problem (sorry)

2003-10-28 Thread Curt Zirzow

* Thus wrote Pablo Gosse ([EMAIL PROTECTED]):
 Yours:
 
 $query=SELECT payment 
 FROM payment 
 WHERE payment.dln='.$_POST[dln].' 
 = users.dln='.$_POST[dln].' 
 and payment.payment='.$_POST[payment].';
 
 Mine:
 
 $query=SELECT payment 
 FROM payment 
 WHERE payment.dln='.$_POST[dln].' 
 AND 
 users.dln='.$_POST[dln].' 
 and payment.payment='.$_POST[payment].';
 
 See the difference?

heh.. still wont work :/  the table users still isn't in the FROM
list like what was suggested in the last post:

$query=SELECT payment 
 FROM payment, users
WHERE payment.dln=users.dln
 AND users.dln='.untainted($_POST[dln]).' 
 and payment.payment='.untainted($_POST[payment]).';


Curt
-- 
My PHP key is worn out

  PHP List stats since 1997: 
http://zirzow.dyndns.org/html/mlists/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] revised query problem (sorry)

RE: [PHP] revised query problem (sorry)

Re: [PHP] revised query problem (sorry)

3 matches

Site Navigation

Mail list logo

Footer information