is there a better way (hopefully simpler) to code this?
i want to get the user id of the logged in user to use in my next statement.
$q1 = sprintf(SELECT uid FROM users WHERE users.username='$username');
$result1 = mysql_query($q1);
$uid = mysql_fetch_array($result1);
$u = $uid['uid'];
it
. September 2009 12:52
An: mysql@lists.mysql.com
Betreff: a better way, code technique?
is there a better way (hopefully simpler) to code this?
i want to get the user id of the logged in user to use in my next statement.
$q1 = sprintf(SELECT uid FROM users WHERE users.username='$username');
$result1
An: andrewhu...@gmail.com; mysql@lists.mysql.com
Betreff: AW: a better way, code technique?
You should escape $username before passing it to mysql if its user
submitted data ... sql-injection
one/two liner: but error prone!
$un = mysql_real_escape_string($username);
list($id) = mysql_fetch_row
AndrewJames wrote:
is there a better way (hopefully simpler) to code this?
i want to get the user id of the logged in user to use in my next
statement.
$q1 = sprintf(SELECT uid FROM users WHERE
users.username='$username');
The only improvement I can see is:
$q1 = sprintf(SELECT uid
-Ursprüngliche Nachricht-
Von: Per Jessen [mailto:p...@computer.org]
Gesendet: Freitag, 4. September 2009 13:05
An: mysql@lists.mysql.com
Betreff: Re: a better way, code technique?
AndrewJames wrote:
is there a better way (hopefully simpler) to code this?
i want to get the user id
, code technique?
-Ursprüngliche Nachricht-
Von: Per Jessen [mailto:p...@computer.org]
Gesendet: Freitag, 4. September 2009 13:05
An: mysql@lists.mysql.com
Betreff: Re: a better way, code technique?
AndrewJames wrote:
is there a better way (hopefully simpler) to code this?
i want to get
-Ursprüngliche Nachricht-
Von: AndrewJames [mailto:andrewhu...@gmail.com]
Gesendet: Freitag, 4. September 2009 13:35
An: Skoric, Majk; p...@computer.org; mysql@lists.mysql.com
Betreff: Re: AW: Re: a better way, code technique?
hahah thank-you, love the responses here. you guys
You should store the current user id in a session variable. Then you
don't have to hit the database at all.
There really is no short way of doing it. Normally you would create a
function (i.e. runQuery) that you pass the query too. Then it handles
running the query, fetching the data, error
from you in those few
functions! =P
Regards,
Gavin Towey
-Original Message-
From: Brent Baisley [mailto:brentt...@gmail.com]
Sent: Friday, September 04, 2009 6:21 AM
To: AndrewJames
Cc: mysql@lists.mysql.com
Subject: Re: a better way, code technique?
You should store the current user id
+2
-Original Message-
From: Brent Baisley [mailto:brentt...@gmail.com]
Sent: Friday, September 04, 2009 6:21 AM
To: AndrewJames
Cc: mysql@lists.mysql.com
Subject: Re: a better way, code technique?
You should store the current user id in a session variable. Then you
don't have
10 matches
Mail list logo