a better way, code technique?

is there a better way (hopefully simpler) to code this? i want to get the user id of the logged in user to use in my next statement. $q1 = sprintf(SELECT uid FROM users WHERE users.username='$username'); $result1 = mysql_query($q1); $uid = mysql_fetch_array($result1); $u = $uid['uid']; it

AW: a better way, code technique?

. September 2009 12:52 An: mysql@lists.mysql.com Betreff: a better way, code technique? is there a better way (hopefully simpler) to code this? i want to get the user id of the logged in user to use in my next statement. $q1 = sprintf(SELECT uid FROM users WHERE users.username='$username'); $result1

AW: a better way, code technique?

An: andrewhu...@gmail.com; mysql@lists.mysql.com Betreff: AW: a better way, code technique? You should escape $username before passing it to mysql if its user submitted data ... sql-injection one/two liner: but error prone! $un = mysql_real_escape_string($username); list($id) = mysql_fetch_row

Re: a better way, code technique?

AndrewJames wrote: is there a better way (hopefully simpler) to code this? i want to get the user id of the logged in user to use in my next statement. $q1 = sprintf(SELECT uid FROM users WHERE users.username='$username'); The only improvement I can see is: $q1 = sprintf(SELECT uid

AW: Re: a better way, code technique?

-Ursprüngliche Nachricht- Von: Per Jessen [mailto:p...@computer.org] Gesendet: Freitag, 4. September 2009 13:05 An: mysql@lists.mysql.com Betreff: Re: a better way, code technique? AndrewJames wrote: is there a better way (hopefully simpler) to code this? i want to get the user id

Re: AW: Re: a better way, code technique?

, code technique? -Ursprüngliche Nachricht- Von: Per Jessen [mailto:p...@computer.org] Gesendet: Freitag, 4. September 2009 13:05 An: mysql@lists.mysql.com Betreff: Re: a better way, code technique? AndrewJames wrote: is there a better way (hopefully simpler) to code this? i want to get

AW: AW: Re: a better way, code technique?

-Ursprüngliche Nachricht- Von: AndrewJames [mailto:andrewhu...@gmail.com] Gesendet: Freitag, 4. September 2009 13:35 An: Skoric, Majk; p...@computer.org; mysql@lists.mysql.com Betreff: Re: AW: Re: a better way, code technique? hahah thank-you, love the responses here. you guys

Re: a better way, code technique?

You should store the current user id in a session variable. Then you don't have to hit the database at all. There really is no short way of doing it. Normally you would create a function (i.e. runQuery) that you pass the query too. Then it handles running the query, fetching the data, error

RE: a better way, code technique?

from you in those few functions! =P Regards, Gavin Towey -Original Message- From: Brent Baisley [mailto:brentt...@gmail.com] Sent: Friday, September 04, 2009 6:21 AM To: AndrewJames Cc: mysql@lists.mysql.com Subject: Re: a better way, code technique? You should store the current user id

RE: a better way, code technique?

+2 -Original Message- From: Brent Baisley [mailto:brentt...@gmail.com] Sent: Friday, September 04, 2009 6:21 AM To: AndrewJames Cc: mysql@lists.mysql.com Subject: Re: a better way, code technique? You should store the current user id in a session variable. Then you don't have