[thelist] [mysql] condensing queries

kris burford kris at midtempo.net
Tue Nov 4 05:08:00 CST 2003


> > firstly, is it a good idea to create a single, but more complex query - or
> > should i stick to several simple ones?
>
>If there is shared work done by both queries (eg. a subselect) there is a
>case for combining them. (Trading off against code readability etc.)

ok, that makes a lot of sense.

> > "where user = '$user' ";
>
>Careful with that. Unless you're using magic quotes (which is in general not
>a good thing at all), apostrophes and backslashes in the $user name can
>cause you trouble. Look at eg. mysql_[real_]escape_string for stuff like
>this.

actually, this was a simplified example. in reality the $user reference is 
a base64 encoded unique string which only the database has access to. but 
thanks for the warning.

kris
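
Added example, not part of the original message: the interpolated `where user = '$user'` pattern from the thread next to a bound parameter, plus a strict check that a value really is base64 before it is trusted to contain no quote characters. Bound parameters are used here instead of the `mysql_[real_]escape_string` call the reply mentions. Assumptions: PDO with an in-memory SQLite database stands in for MySQL so the script runs offline, and the `accounts` table, the function names and the sample values are constructed for illustration.

```php
<?php
// Added example. In-memory SQLite stands in for MySQL (assumption);
// the table, column names and sample rows are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE accounts (user TEXT PRIMARY KEY, email TEXT)");

$token = base64_encode("constructed-unique-id-0001");
$ins = $db->prepare("INSERT INTO accounts (user, email) VALUES (?, ?)");
$ins->execute([$token, 'token@example.test']);
$ins->execute(["O'Brien", 'obrien@example.test']);

// Pattern from the thread: the value is pasted into the SQL text.
function lookup_interpolated(PDO $db, string $user): ?string {
    try {
        $row = $db->query("SELECT email FROM accounts WHERE user = '$user'")->fetch();
        return $row ? $row['email'] : null;
    } catch (PDOException $e) {
        return 'SQL error: ' . $e->getMessage();
    }
}

// Bound parameter: the value is sent separately from the SQL text,
// so apostrophes and backslashes in it need no escaping.
function lookup_bound(PDO $db, string $user): ?string {
    $st = $db->prepare("SELECT email FROM accounts WHERE user = ?");
    $st->execute([$user]);
    $row = $st->fetch();
    return $row ? $row['email'] : null;
}

// Strict check that a value is canonical base64 (A-Z a-z 0-9 + / =).
// Strict decoding rejects characters outside the alphabet; re-encoding
// and comparing rejects whitespace and non-canonical padding.
function is_base64_token(string $s): bool {
    $raw = base64_decode($s, true);
    return $s !== '' && $raw !== false && base64_encode($raw) === $s;
}

foreach ([$token, "O'Brien"] as $u) {
    printf("%s\n  base64:       %s\n  interpolated: %s\n  bound:        %s\n",
        $u,
        is_base64_token($u) ? 'yes' : 'no',
        lookup_interpolated($db, $u) ?? '(no row)',
        lookup_bound($db, $u) ?? '(no row)');
}
```

The base64 value works either way, but the interpolated lookup depends on every caller upholding that format, while the bound lookup handles the name containing an apostrophe without any such guarantee.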


