PHWinfo - Afficher un message

14/03/2008, 23h40

Then it's the other query (with the ORDER BY) that you want to look at to fix
the SQL error.

Don't forget to use (assuming MySQL) mysql_real_escape_string() on all
variables being used in the SQL query. That'll prevent a problem with
single quotes or other bad characters showing up in your variables and
breaking your SQL. Not to mention the security benefits.

-TG

----- Original Message -----
From: Jason Pruim <japruim@raoset.com>
To: "TG" <tg-php@gryffyndevelopment.com>
Cc: "PHP General List" <php-general@lists.php.net>
Date: Fri, 14 Mar 2008 17:11:40 -0400

> > Ok so the next thing to check is your query. Maybe echo it out so
> > you can
> > see what's actually attempting to execute.
>
> echo from my actual query
> SELECT * FROM current WHERE loginName='japruim' AND
> loginPassword='mybadpassword' LIMIT 0,1;
> >
> >
> > I don't see an "ORDER BY" in the SQL listed below.
>
> The ORDER BY actually comes from a different query that should ONLY be
> done AFTER successful login... It's actually related to the sorting of
> the records that should be retrieved.

14/03/2008, 23h40	#1
TG Messages: n/a Hébergeur:	Re: [PHP] Is this the best way? Then it's the other query (with the ORDER BY) that you want to look at to fix the SQL error. Don't forget to use (assuming MySQL) mysql_real_escape_string() on all variables being used in the SQL query. That'll prevent a problem with single quotes or other bad characters showing up in your variables and breaking your SQL. Not to mention the security benefits. -TG ----- Original Message ----- From: Jason Pruim <japruim@raoset.com> To: "TG" <tg-php@gryffyndevelopment.com> Cc: "PHP General List" <php-general@lists.php.net> Date: Fri, 14 Mar 2008 17:11:40 -0400 > > Ok so the next thing to check is your query. Maybe echo it out so > > you can > > see what's actually attempting to execute. > > echo from my actual query > SELECT * FROM current WHERE loginName='japruim' AND > loginPassword='mybadpassword' LIMIT 0,1; > > > > > > I don't see an "ORDER BY" in the SQL listed below. > > The ORDER BY actually comes from a different query that should ONLY be > done AFTER successful login... It's actually related to the sorting of > the records that should be retrieved.