TalkPHP - View Single Post

Salathe · 11-21-2007, 02:12 PM

I don't know why you're using parentheses and the && comparison operator. Why not just go the normal route?

sql Code:

--- Compare
SELECT a FROM b WHERE ((c = 'c') && (d = 'd')) LIMIT 1
--- With
SELECT a FROM b WHERE c = 'c' AND d = 'd' LIMIT 1

Also, since you're using sprintf, why are you concatenating the table/column names into the formatting string?! Make proper use of the function, or don't use it at all, rather than mixing and matching.

(Use back ticks to wrap table and column names if you want/need to)

php Code:

$szSql = sprintf("SELECT %s FROM %s WHERE %s = '%s' AND %s = '%s' LIMIT 1",
                 $this->db->col['user_id'],
                 $this->db->table['users'],
                 $this->db->col['username']
                 $user_name,
                 $this->db->col['user_pass'],
                 md5($user_pass));

11-21-2007, 02:12 PM	#7 (permalink)
Salathe Moderateur Join Date: Apr 2007 Posts: 1,393 Thanks: 5	I don't know why you're using parentheses and the && comparison operator. Why not just go the normal route? sql Code: --- Compare SELECT a FROM b WHERE ((c = 'c') && (d = 'd')) LIMIT 1 --- With SELECT a FROM b WHERE c = 'c' AND d = 'd' LIMIT 1 Also, since you're using `sprintf`, why are you concatenating the table/column names into the formatting string?! Make proper use of the function, or don't use it at all, rather than mixing and matching. (Use back ticks to wrap table and column names if you want/need to) php Code: $szSql = sprintf("SELECT %s FROM %s WHERE %s = '%s' AND %s = '%s' LIMIT 1", $this->db->col['user_id'], $this->db->table['users'], $this->db->col['username'] $user_name, $this->db->col['user_pass'], md5($user_pass));