which one is the best?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    which one is the best?

    Out of these sql statement which one is the best?

    (1) $sql = "INSERT INTO members(id,firstn) VALUES('".$id."','".$fname."')";

    (2) $sql = "INSERT INTO members SET id = '".$id."', firstn = '"..$fname."';

    #2
    And...

    (3) $sql = "INSERT INTO members VALUES('".$id."','".$fname."')";

    It should not be compared for the "best", the diference is that in (1) and (3) examples you have to keep order of inserting values while in (2) don't.
    <!DOCTYPE html PUBLIC "-//WAPFORUM.RS

    Comment


      #3
      Originally posted by jaidon20k View Post
      Out of these sql statement which one is the best?

      (1) $sql = "INSERT INTO members(id,firstn) VALUES('".$id."','".$fname."')";

      (2) $sql = "INSERT INTO members SET id = '".$id."', firstn = '"..$fname."';
      $sql = "INSERT INTO members
      (id,firstn) VALUES('".$id."','".
      $fname."')"; its better ,bt injectment are open

      Comment


        #4
        Code:
        <?php 
        $sql = "INSERT INTO members(id,firstn) VALUES('".intval($id)."','".mysql_real_escape_string($fname)."')";  
        ?>

        This would be the best way

        @arnage.... there are only 2 statements... no 3rd :lol

        Comment


          #5
          Originally posted by $XTREME$ View Post
          $sql = "INSERT INTO members
          (id,firstn) VALUES('".$id."','".
          $fname."')"; its better ,bt injectment are open
          Originally posted by Edyka View Post
          Code:
          <?php 
          $sql = "INSERT INTO members(id,firstn) VALUES('".intval($id)."','".mysql_real_escape_string($fname)."')";  
          ?>

          This would be the best way
          Like i said, there is no the best way between this two queries as they are for different purpose. And security nor escaping is in the question.
          But when you mentioned, intval() should not be used here and it returns floats also where $id can't be float plus on invalid sets 0. And its quoted wrong. ;)

          Read this http://coding-talk.com/f60/protectin..._cookie-17514/ and list Tutorials forum a little.

          Originally posted by Edyka View Post
          @arnage.... there are only 2 statements... no 3rd :lol
          Yes, it have. ;)
          Last edited by arnage; 14.10.12, 22:24.
          <!DOCTYPE html PUBLIC "-//WAPFORUM.RS

          Comment


            #6
            Not in the original post the one by you can be ignored... that is just an example :D why not? intval returns only ints as I know? .... PS your PHP knowledge is great, but your english could use some training PHP: intval - Manual returns only integers .. and the best thing is the most seruced one I bet the guy who opened the theme meant to ask for the more secure one
            Last edited by Edyka; 14.10.12, 22:38.

            Comment


              #7
              No. Floats, hex, minus values also. Read, read, read... PHP: intval - Manual
              ... and posted link before.

              And please, stay on topic, no one cares about my or anyones english nor personality. That attitude leave at Serbian forums. ;)

              Originally posted by Edyka View Post
              PHP: intval - Manual returns only integers .. and the best thing is the most seruced one I bet the guy who opened the theme meant to ask for the more secure one
              PHP Code:
              echo intval('-42');                   // -42
              echo intval(042);                     // 34
              echo intval(1e10);                    // 1410065408
              echo intval('1e10');                  // 1
              echo intval(0x1A);                    // 26 
              A? READ!
              Last edited by arnage; 14.10.12, 22:46.
              <!DOCTYPE html PUBLIC "-//WAPFORUM.RS

              Comment


                #8
                Originally posted by Edyka View Post
                Not in the original post the one by you can be ignored... that is just an example :D why not? intval returns only ints as I know? .... PS your PHP knowledge is great, but your english could use some training PHP: intval - Manual returns only integers .. and the best thing is the most seruced one I bet the guy who opened the theme meant to ask for the more secure one
                thanks@ Edyka

                i mean which one is more secure?

                Comment

                Working...
                X