SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Addict
    Join Date
    Dec 2011
    Posts
    221
    Mentioned
    4 Post(s)
    Tagged
    0 Thread(s)

    saving in phpmysql

    is there any difference between

    Code:
     mysql_query = ("INSERT INTO user SET VALUES(,'".$name."', '".$pass."', '".$seed."')");
    and

    Code:
     mysql_query = ("INSERT INTO user SET VALUES('$name', '$pass', '$seed')");
    in inserting values in db. I'm referring to the qoutes, seems like I'm confused which is the safest way to write data in db.
    Assuming I pass already the variables in mysql_real_string_escape.

  2. #2
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,191
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Both of the examples you posted above have incorrect syntax as you can't use an equals sign in between a function and the argument(s), the second issue is the first example has a comma before the $name value which will a MySQL error due to there been no value in the argument. See the below which is the correct PHP MySQL function syntax.

    PHP Code:
    if (!$result mysql_query("INSERT INTO user VALUES('$name', '$pass', '$seed')")) {
        
    trigger_error('A MySQL Error has occurred:<br />' mysql_error(), E_USER_WARNING);


  3. #3
    SQL Consultant gold trophysilver trophybronze trophy
    r937's Avatar
    Join Date
    Jul 2002
    Location
    Toronto, Canada
    Posts
    39,251
    Mentioned
    59 Post(s)
    Tagged
    3 Thread(s)
    SET VALUES is wrong in both cases
    rudy.ca | @rudydotca
    Buy my SitePoint book: Simply SQL
    "giving out my real stuffs"


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •