webcoder;10998788 wrote:could someone break down what this function is actually doing....
$field = mysql_real_escape_string($field);
$value = mysql_real_escape_string($value);
Fairly straight forward what these lines are literally doing, but if you look at the big picture the first line doesn't make much sense.
If you're needing to use user-supplied input as column specifiers, you've probably got something very wrong with your DB design. And even then, it would make much more sense to hardcode an array of valid column names rather than trying to sanitize the input as if it were normal string data (the name of that sanitizing function ends in string(), not mysql_identifier()).
$query = mysql_query("SELECT COUNT(1) FROM categories WHERE '$field' = '$value' ");
This is trying to count how many rows are matched based on whether a given column equals a given value. (Again, this seems to suggest a bad database design.)
return(mysql_result($query, 0) == '0') ? false : true;
This simply retrieves the result of the COUNT() and returns false if no rows were matched, and true otherwise. Note that the return value of mysql_query() wasn't properly checked first, so the function would return true even if the SQL query was invalid and resulted in errors. (In other words, it seems that the PHP code was written just as poorly as the DB schema was designed. :p)
webcoder;10998788 wrote:i can insert my post with a specific category but when i then deleted that category my post dissapears with it, how do i create a default category for the posts that have not been set a category name?
There's no way we could possibly know that; you haven't even told us what this code is for (let alone how that application deals with "posts" and "categories").
