JOKER_JOKER
Limp Gawd
- Joined
- Nov 2, 2005
- Messages
- 471
I've been learning php for the last week or so, and it doesn't seem like a very complicated language, but the one thing that keeps tripping me up is where it is required/proper to use single quotes ( '.....' ) around a variable.
For example, I've been working on a simple login script, but it seems to make a big difference depending on whether I include variables/column names(from a table) in single quotes.
Could someone give me the general rule of thumb for something like this? I've googled but can't seem to find any information very useful.
For example, I've been working on a simple login script, but it seems to make a big difference depending on whether I include variables/column names(from a table) in single quotes.
PHP:
$user = $_POST['username'];
$pass = sha1($_POST['password']);
$query = mysql_query("SELECT * FROM users WHERE username = '$user' AND password = '$pass'");
$row = mysql_fetch_array($query);
if ($user = $row['username'] AND $pass = $row['password'])
echo "Username and Password accepted.";
else
echo "Username and Password combination invalid. Try again.";
Could someone give me the general rule of thumb for something like this? I've googled but can't seem to find any information very useful.