' question ?

developer

$Query3 = "DELETE FROM unreviewed WHERE 'id'=$id";

What good is the '':s around id doing please?

Thanks

John_Canyon

$Query3 = "DELETE FROM unreviewed WHERE id='".$id."';

developer

okey. 🙂

Do I really need the " ":s around id, when id is an int?

John_Canyon

I do it strictly out of habit, however you dont have to.

You will run into problems later on when doing selects off
of form submitted information or otherwise however if you
do not make sure to escape your variables.

Something similiar to addslashes() or mysql_escape_string
would work. I personally filter all my SELECT information
wether it is an internal or external variable.

Cheers

developer

Originally posted by John Canyon
I do it strictly out of habit, however you dont have to.

You will run into problems later on when doing selects off
of form submitted information or otherwise however if you
do not make sure to escape your variables.

Something similiar to addslashes() or mysql_escape_string
would work. I personally filter all my SELECT information
wether it is an internal or external variable.

Cheers

okey, thanks a lot for the help.