PHP NOTES 7 NOTE 33555 ADDED TO REF SESSION
Date: 30 Jun 2003 15:30:06 -0000

Subject: note 33555 added to ref.session
From: tomhunter@no-spam

DANGER, WATCH OUT!

Using the superglobal $_SESSION array with DB queries is dangerous. EG:

mysql_query("select foo from bar where username='$_SESSION['username']'");

TOO MANY QUOTES!

Instead:

$q = "select foo from bar where username='".$_SESSION['username']."'";
mysql_query($q);

But, then...you probably knew that already.
----
Manual Page -- http://www.php.net/manual/en/ref.session.php
Edit Note -- http://master.php.net/manage/user-notes.php?action=edit+33555
Delete Note -- http://master.php.net/manage/user-notes.php?action=delete+33555&report=yes
Reject Note -- http://master.php.net/manage/user-notes.php?action=reject+33555&report=yes
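
Added example, not part of the original note or of the PHP manual: the two interpolation forms that do parse inside a double-quoted string, compared with the note's concatenation, followed by a bound-parameter query that keeps the session value out of the SQL text entirely. PDO with an in-memory SQLite database stands in for the note's mysql_query() (an assumption), and the table row and session value are constructed.

```php
<?php
// Added example. Assumptions: PDO + in-memory SQLite replaces mysql_query();
// the table contents and the session value below are constructed sample data.
$_SESSION = ['username' => "o'brien"]; // a legitimate name that contains a single quote

// Forms that parse, unlike "...username='$_SESSION['username']'":
$simple  = "select foo from bar where username='$_SESSION[username]'";     // simple syntax, key unquoted
$complex = "select foo from bar where username='{$_SESSION['username']}'"; // complex (curly) syntax
$concat  = "select foo from bar where username='" . $_SESSION['username'] . "'"; // the note's form

// All three build the same SQL text, so they share the same weakness:
// the value becomes part of the statement itself.
var_dump($simple === $complex && $complex === $concat);
echo $concat, "\n";

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("create table bar (username text, foo text)");
$db->prepare("insert into bar (username, foo) values (?, ?)")
   ->execute(["o'brien", 'constructed row']);

// The string-built query is malformed as soon as the value contains a quote.
try {
    $db->query($concat);
    echo "string-built query ran\n";
} catch (PDOException $e) {
    echo "string-built query failed: ", $e->getMessage(), "\n";
}

// Bound parameter: the value travels separately from the SQL text,
// so no PHP quoting or SQL quoting of $_SESSION['username'] is needed.
$stmt = $db->prepare("select foo from bar where username = :username");
$stmt->execute([':username' => $_SESSION['username']]);
var_dump($stmt->fetchColumn());
```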


Date: 7 Jul 2003 14:59:39 -0000

Subject: note 33555 deleted from ref.session by didou


From: didou@no-spam
Note Submitter: tomhunter@no-spam
----

DANGER, WATCH OUT!

Using the superglobal $_SESSION array with DB queries is dangerous. EG:

mysql_query("select foo from bar where username='$_SESSION['username']'");

TOO MANY QUOTES!

Instead:

$q = "select foo from bar where username='".$_SESSION['username']."'";
mysql_query($q);

But, then...you probably knew that already.