> >As a sidenote, your strings should be enclosed by single quotes, as per
> >SQL standard, not double quotes, those are reserved for delimited
> Hmmm. I've sort-of carried that over from the way I do PHP. I tend to use
> single quotes for strings that have no variables in them, so I use
> double-quotes around strings within the strings:
> $query = 'UPDATE foo SET field = "always"'
> That way I don't have to escape things, which I think makes them harder to
> read. I'll take your comment under advisement.
Although that's true for string literals, you would still need to
escape any user input since MySQL doesn't properly support
parameters (or does it in 5.1 or so?)
As I said, a complete side note :-)
Database Workbench - tool for InterBase, Firebird, MySQL, NexusDB, Sybase
SQL Anywhere, Oracle & MS SQL Server
Database development questions? Check the forum!