> the select query is
>
> $selectqueryusername = sprintf("Select username from individuals where
> username='%s'", mysql_real_escape_string($username));
The syntax is fine.
$result = mysql_query($selectqueryusername);
if (!$result) {
echo "Error! *** " . mysql_error();
}
> also for insert q
until i started using the techniques for avoiding sql injection, i
have been using a normal insert and select sql query which worked
fine.
i have a registration page where a user enters their username and if
this already exists i display a message by executing a select query
and if the username doe
Try this one
$sSQL = sprintf("SELECT username FROM individuals WHERE
username='%s'", mysql_real_escape_string($username));
$query = mysql_query($sSQL);
if($query !== false)
{
// do something
}
2008/5/18 Sudhakar <[EMAIL PROTECTED]>:
> until i started using the techniques for avoiding sql injectio
until i started using the techniques for avoiding sql injection, i have been
using a normal insert and select sql query which worked fine.
i have a registration page where a user enters their username and if this
already exists i display a message by executing a select query and if the
username do
4 matches
Mail list logo
