restrict the scope of variables in a mysql query? with brackets?

Posted by Haroldo on Stack Overflow See other posts from Stack Overflow or by Haroldo
Published on 2010-05-17T16:29:03Z Indexed on 2010/05/17 16:50 UTC
Read the original article Hit count: 199

Filed under:
|

I can't remember what the method is meant to be for ensuring the scope of a variable in a query is restricted to prevent mysql injection.

where should i put brackets in the following examples?

UPDATE table SET col_1 = '$var', col_2 = '$var2' WHERE col_1 = '$var3'

and

SELECT * FROM table WHERE WHERE col_1 >= '$var1'

(Obviously looking for answers not using PDO!)

© Stack Overflow or respective owner

Related posts about mysql

Related posts about php