subject:"Re\: \[PHP\] syntax of sprintf"

Re: [PHP] syntax of sprintf

2008-05-20 Thread Chris

> the select query is > > $selectqueryusername = sprintf("Select username from individuals where > username='%s'", mysql_real_escape_string($username)); The syntax is fine. $result = mysql_query($selectqueryusername); if (!$result) { echo "Error! *** " . mysql_error(); } > also for insert q

Re: [PHP] syntax of sprintf

2008-05-18 Thread Ólafur Waage

Try this one $sSQL = sprintf("SELECT username FROM individuals WHERE username='%s'", mysql_real_escape_string($username)); $query = mysql_query($sSQL); if($query !== false) { // do something } 2008/5/18 Sudhakar <[EMAIL PROTECTED]>: > until i started using the techniques for avoiding sql injectio