On Wed, November 9, 2005 5:21 pm, Ross wrote:
> $query = "SELECT * FROM login where username='$_POST['username']' AND
> pass
> ='$_POST['pass']'";
In addition to the fine posts regarding SQL Injection and curly
braces, I'd like to provide one other alternative heretofore
unmentioned:
$query = "SE
On Wed, Nov 09, 2005 at 11:21:36PM -, Ross wrote:
>
> What is the correct syntax for
>
> $query = "SELECT * FROM login where username='$_POST['username']' AND pass
> ='$_POST['pass']'";
>
http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Ross wrote:
$query = "SELECT * FROM login where username='$_POST['username']' AND
pass ='$_POST['pass']'";
You have to use curly braces in order to interpolate an array:
$string = "...{$array['foo']} ...";
By the way, my favorite username is this:
chris' --
That's what all my friends call m
Ross wrote:
What is the correct syntax for
$query = "SELECT * FROM login where username='$_POST['username']' AND pass
='$_POST['pass']'";
Thought this would work.
R.
Search for "SQL Injection" and see why what you're doing is very
dangerous. Google is your friend.
--
PHP General Mail
$query = "SELECT * FROM login WHERE username = '".$_POST['username']."' AND
pass = '". $_POST['pass']."'";
> What is the correct syntax for
>
> $query = "SELECT * FROM login where
> username='$_POST['username']' AND pass ='$_POST['pass']'";
>
>
> Thought this would work.
>
> R.
>
> --
> P
What is the correct syntax for
$query = "SELECT * FROM login where username='$_POST['username']' AND pass
='$_POST['pass']'";
Thought this would work.
R.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
6 matches
Mail list logo
