[TYPO3] MySQL question
Dmitry Dulepov
typo3 at accio.lv
Tue Sep 12 16:21:54 CEST 2006
Hi!
Andreas Jonderko wrote:
> // here you can split the result just like this:
> $usergroups = split(",",$result['usergroup']);
Using single quotes will increase performance. Minimal but still...
> // $updateArray = array('usergroup' => $usergroups);
> //$res=$GLOBALS['TYPO3_DB']->exec_UPDATEquery("fe_users","uid='$this->userID'",$updateArray);
Argh, insecure code :) There is s quoteStr and fullQuoteStr for quoting
parameters properly.
--
Dmitry Dulepov
http://typo3bloke.net/
"It is our choices, that show what we truly are,
far more than our abilities." (A.P.W.B.D.)
More information about the TYPO3-english
mailing list