[thelist] [mysql] condensing queries
kris burford
kris at midtempo.net
Tue Nov 4 05:08:00 CST 2003
> > firstly, is it a good idea to create a single, but more complex query - or
> > should i stick to several simple ones?
>
> If there is shared work done by both queries (eg. a subselect) there is a
> case for combining them. (Trading off against code readability etc.)

ok, that makes a lot of sense.

> > "where user = '$user' ";
>
> Careful with that. Unless you're using magic quotes (which is in general not
> a good thing at all), apostrophes and backslashes in the $user name can
> cause you trouble. Look at eg. mysql_[real_]escape_string for stuff like
> this.

actually, this was a simplified example. in reality the $user reference is
a base64 encoded unique string which only the database has access to. but
thanks for the warning.

kris
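
The quoting concern from the quoted reply, as an added example that is not part of the original thread: the interpolated `where user = '$user'` pattern beside a bound parameter, plus a boundary check that an identifier really is base64. The table name, column values and function names are constructed for illustration, and in-memory SQLite via PDO stands in for MySQL so the script runs offline.

```php
<?php
// Added example, not code from the thread. SQLite in memory stands in for
// MySQL so the script runs offline; table, columns and values are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE prefs (user TEXT PRIMARY KEY, theme TEXT)');
$db->exec("INSERT INTO prefs VALUES ('O''Brien', 'dark')");
$db->exec("INSERT INTO prefs VALUES ('a2Vpc2hhOjQy', 'light')");

// The pattern from the thread: the value is pasted into the SQL text,
// so an apostrophe in it ends the string literal early.
function lookup_interpolated(PDO $db, string $user): ?string
{
    try {
        $row = $db->query("SELECT theme FROM prefs WHERE user = '$user'")->fetch();
        return $row ? $row['theme'] : null;
    } catch (PDOException $e) {
        return 'SQL error: ' . $e->getMessage();
    }
}

// Bound parameter: the value travels separately from the SQL text,
// so quotes and backslashes in it are only ever data.
function lookup_bound(PDO $db, string $user): ?string
{
    $stmt = $db->prepare('SELECT theme FROM prefs WHERE user = ?');
    $stmt->execute([$user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ? $row['theme'] : null;
}

// If the identifier is meant to be base64, enforce that where it enters the
// code instead of assuming it: strict decode plus round-trip comparison.
function is_base64_token(string $s): bool
{
    $raw = base64_decode($s, true);
    return $s !== '' && $raw !== false && base64_encode($raw) === $s;
}

foreach (["O'Brien", 'a2Vpc2hhOjQy'] as $user) {
    printf("%-14s base64=%s interpolated=%s bound=%s\n",
        $user,
        var_export(is_base64_token($user), true),
        var_export(lookup_interpolated($db, $user), true),
        var_export(lookup_bound($db, $user), true));
}
```

The same `prepare`/`execute` calls work unchanged with a `mysql:` DSN.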